Malware botnet controller @104.21.78.28

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 104.21.78.28 on port 80 (using HTTP POST):
hXXp://by.dirfgame.com/report7.4.php

$ dig +short by.dirfgame.com
104.21.78.28

Referencing malware binaries (MD5 hash):
0c3f670f496ffcf516fe77d2a161a6ee — AV detection: 32 / 69 (46.38)
1a62a7ebf208b538db86f5be062dfee8 — AV detection: 39 / 69 (56.52)
34ea477b185d56b4906e8f0fd7a41497 — AV detection: 25 / 70 (35.71)
4a685c548939456be6d82036d70bb508 — AV detection: 45 / 69 (65.22)
5637aba8fa47476f92deb742b91a2099 — AV detection: 36 / 70 (51.43)
56bd0f698f28e63479e5697dd167926e — AV detection: 27 / 70 (38.57)
6002cef1c26bedbb75518deb75002cd5 — AV detection: 41 / 70 (58.57)
6ec836e7cf86162bb62ed8d3483f770b — AV detection: 38 / 69 (55.07)
70800f0e430d4c9ae411aa87ef26870d — AV detection: 44 / 70 (62.86)
97215e725fb482b629c3207e97e4ecb3 — AV detection: 40 / 69 (57.97)
9d6606ebe72f1d3ad0f239e4661064df — AV detection: 37 / 68 (54.41)
a754616553c0f9849238d05240be5e78 — AV detection: 41 / 69 (59.42)
a802654312893e01557ba184133d742a — AV detection: 30 / 69 (43.48)
aa32786be12984fe0895614b2d3e74ee — AV detection: 39 / 68 (57.35)
abfc37485ad217c9d6f352c66dae53d2 — AV detection: 37 / 69 (53.62)
ad4c4594a0dab8bd5e304bba26531f55 — AV detection: 40 / 70 (57.14)
afbc5b04b75f1ad031b50355f856179a — AV detection: 36 / 69 (52.17)
bb072cad921aa5ce8b97706ce01bc570 — AV detection: 42 / 67 (62.69)
bc08eb98812457e50f866ee0fefb974b — AV detection: 39 / 69 (56.52)
bc134ee57553cda5893b69950d8616f4 — AV detection: 44 / 69 (63.77)
c21f9c393077da2f80a2010f93173060 — AV detection: 46 / 67 (68.66)
d695648656778c4e73b6fa0a87062cfb — AV detection: 27 / 67 (40.30)
dbc3e1e93fe6f9e1806448cd19e703f7 — AV detection: 48 / 68 (70.59)
e9de258cc0ac23b6a08d3b94f1ce6977 — AV detection: 41 / 69 (59.42)

Other malicious domain names hosted on this IP address:
dasfelynsaterr.win 104.21.78.28
max.dirfgame.com 104.21.78.28
by.dirfgame.com 104.21.78.28

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *