NanoCore botnet controller @20.186.91.251

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 20.186.91.251 on port 5498 TCP:
$ telnet 20.186.91.251 5498
Trying 20.186.91.251…
Connected to 20.186.91.251.
Escape character is ‘^]’

$ dig +short netwroksolutionse.ooguy.com @8.8.8.8
20.186.91.251

Referencing malware samples (MD5 hash):
3491623af925f00194a0d13ea4454480 — AV detection: 18 / 68 (26.47%)
e90b3122b974a98a17b6e919ca29fc29 — AV detection: 15 / 71 (21.13%)

Добавить комментарий

Ваш адрес email не будет опубликован.