RedLineStealer botnet controller @104.21.66.135

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 104.21.66.135 on port 443 TCP:
$ telnet 104.21.66.135 443
Trying 104.21.66.135...
Connected to 104.21.66.135.
Escape character is '^]'

$ dig +short the-lead-bitter.com
104.21.66.135

Referencing malware samples (MD5 hash):
1be0d2741eaac6804e24a7586b1086b0 — AV detection: 50 / 66 (75.76%)
3c3f7672597b25dcaefff03afa965641 — AV detection: 30 / 69 (43.48%)
5fb865bdd91d46c9bd96b0cae60dcc86 — AV detection: 38 / 68 (55.88%)
a0c8da8c027e72bde129e39b1c827497 — AV detection: 37 / 68 (54.41%)
a6d7bf018b5d32024c45ec13ad5b2454 — AV detection: 47 / 68 (69.12%)
a94fe2d4ea938aeda1b547621f8127b4 — AV detection: 41 / 69 (59.42%)
