Malware botnet controller @157.55.136.23

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 157.55.136.23 on port 5300 TCP:
$ telnet 157.55.136.23 5300
Trying 157.55.136.23...
Connected to 157.55.136.23.
Escape character is '^]'

Referencing malware samples (MD5 hash):
