Loki botnet controller @185.185.69.169

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Loki botnet controller located at 185.185.69.169 on port 80 (using HTTP POST):
hXXp://sempersim.su/ge12/fre.php

sempersim.su. 600 IN A 185.185.69.169

Referencing malware binaries (MD5 hash):
282597edf1d6759a52472a855ed9e14f — AV detection: 24 / 69 (34.78)
9b00c57b28305a722e483e5c4a718138 — AV detection: 17 / 69 (24.64)
a62592b4bfef85fbeed12fbcf9901223 — AV detection: 28 / 68 (41.18)
d32ed3f8502786430c379c47be37229d — AV detection: 35 / 70 (50.00)
d5ef994affd27cd8597644b5292981a1 — AV detection: 30 / 70 (42.86)
d7e7cdf137c9d5dfa8d07a6e99d40e98 — AV detection: 36 / 69 (52.17)
dd81b510160bb7198ee27b7bf1b11178 — AV detection: 20 / 67 (29.85)
ef0fb107858ef7068516c2a00b379e5f — AV detection: 23 / 68 (33.82)
f2f14fcb63ff7e0106a1fe73386702ad — AV detection: 27 / 69 (39.13)
fb5570e584e7de8454615a22f38135c1 — AV detection: 34 / 69 (49.28)

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *