RaccoonStealer botnet controller @172.67.160.46

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

RaccoonStealer botnet controller located at 172.67.160.46 on port 80 (using HTTP GET):
hXXp://toptelete.top/agrybirdsgamerept

$ dig +short toptelete.top
172.67.160.46

Referencing malware binaries (MD5 hash):
