RaccoonStealer botnet controller @95.143.179.186

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 95.143.179.186 on port 4633 TCP:
$ telnet 95.143.179.186 4633
Trying 95.143.179.186...
Connected to 95.143.179.186.
Escape character is '^]'

Other malicious domain names hosted on this IP address:
elew3le3lanle.freeddns.org 95.143.179.186
kent0mushinec0n3t.casacam.net 95.143.179.186

Referencing malware samples (MD5 hash):

Posted in category: selectel.ru
