RacoonStealer botnet controller @104.21.67.139

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

RacoonStealer botnet controller located at 104.21.67.139 on port 80 (using HTTP GET):
hXXp://telegalive.top/agrybirdsgamerept

$ dig +short telegalive.top
104.21.67.139

Referencing malware binaries (MD5 hash):
