RaccoonStealer botnet controller @104.21.26.237

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

RaccoonStealer botnet controller located at 104.21.26.237 on port 80 (using HTTP GET):
hXXp://telegatt.top/agrybirdsgamerept

$ dig +short telegatt.top
104.21.26.237

Referencing malware binaries (MD5 hash):
a89e87f448f4a29cd41eebc3c1b2807a — AV detection: 26 / 67 (38.81)
ce5e05759483f6055bce5b8274808de2 — AV detection: 23 / 63 (36.51)

Other malicious domain names hosted on this IP address:
jeweltoshop.com 104.21.26.237
telegatt.top 104.21.26.237

Добавить комментарий

Ваш адрес email не будет опубликован.