RaccoonStealer botnet controller @172.67.176.216

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

RaccoonStealer botnet controller located at 172.67.176.216 on port 80 (using HTTP GET):
hXXp://teletop.top/papatikmikr0

$ dig +short teletop.top
172.67.176.216

Referencing malware binaries (MD5 hash):
32df2eb9a83b1a97096aa403b6e5ce3f — AV detection: 41 / 63 (65.08)
5abf967f514466318c8786cd77a4e280 — AV detection: 39 / 69 (56.52)
5d834cb40d77d8287173c9e92876dc2c — AV detection: 20 / 68 (29.41)
84d0bd6db46de122e0c965781e38183e — AV detection: 32 / 68 (47.06)
8e0d32c0195d67c5b2df608595e25992 — AV detection: 39 / 67 (58.21)
9b4c66a8f89b5784c7aba7502b65338d — AV detection: 48 / 68 (70.59)
a0d966c2ff40b2f4d70f25d26b5b6a06 — AV detection: 42 / 68 (61.76)

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *