RaccoonStealer botnet controller @85.159.212.113

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

RaccoonStealer botnet controller located at 85.159.212.113 on port 80 (using HTTP GET):
hXXp://85.159.212.113/brun09s

$ nslookup 85.159.212.113
85-159-212-113.ip.linodeusercontent.com

Referencing malware binaries (MD5 hash):
