Malware botnet controller @185.63.191.169

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 185.63.191.169 on port 80 (using HTTP GET):
hXXp://185.63.191.169/API/2/configure.php

$ nslookup 185.63.191.169
g0rbunov.gordei.fvds.ru

Referencing malware binaries (MD5 hash):
5eb13192123cb1e7327d51d1c6bfdf44 — AV detection: 42 / 68 (61.76)
7a7ba5e27add3227f8d352c213e598de — AV detection: 50 / 68 (73.53)
dc428930e0bbec34afb563fadafccfd0 — AV detection: 51 / 70 (72.86)
ebf60ae71e4830f9e07d78e9abf7d764 — AV detection: 52 / 68 (76.47)

Добавить комментарий

Ваш адрес email не будет опубликован.