Loki botnet controller @172.67.219.104

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Loki botnet controller located at 172.67.219.104 on port 80 (using HTTP POST):
hXXp://74f26d34ffff049368a6cff8812f86ee.gq/BN111/fre.php

$ dig +short 74f26d34ffff049368a6cff8812f86ee.gq
172.67.219.104

Referencing malware binaries (MD5 hash):
5e11788d890d97045cd8d830b25527f6 — AV detection: 28 / 69 (40.58)
70d177abc7455c709ae9710630b9ea49 — AV detection: 29 / 67 (43.28)
a4226f393ccf53e3396b85316e682467 — AV detection: 30 / 69 (43.48)
cde2039ded2a443f9f04daacafbb2862 — AV detection: 25 / 67 (37.31)

Other malicious domain names hosted on this IP address:
balanceandlift.com 172.67.219.104
74f26d34ffff049368a6cff8812f86ee.gq 172.67.219.104

Добавить комментарий

Ваш адрес email не будет опубликован.