Malware botnet controller @51.79.119.231

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 51.79.119.231 on port 13371 TCP:
$ telnet 51.79.119.231 13371
Trying 51.79.119.231…
Connected to 51.79.119.231.
Escape character is ‘^]’

$ nslookup 51.79.119.231
ip231.ip-51-79-119.net

Referencing malware samples (MD5 hash):
134acaedb1d9ec907997116d7857de72 — AV detection: 20 / 72 (27.78%)
6197e6f8ab09d8906d9ccd08277f3c24 — AV detection: 42 / 69 (60.87%)
68946d7933d6837f7779a87e7e5d3290 — AV detection: 33 / 69 (47.83%)
804520cff10e79af63d8f8cdee2697fe — AV detection: 26 / 69 (37.68%)
9fbf5f391e485e425bd1df13846bb95c — AV detection: 29 / 66 (43.94%)
a247129df49a276f0e1fe8388b6b93d0 — AV detection: 17 / 70 (24.29%)
b1607934e3ed4fdce4c195b35862717e — AV detection: 25 / 68 (36.76%)

Опубликовано
В рубрике ovh.net

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *