RedLineStealer botnet controller @135.181.222.87

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 135.181.222.87 on port 35752 TCP:
$ telnet 135.181.222.87 35752
Trying 135.181.222.87...
Connected to 135.181.222.87.
Escape character is '^]'

$ nslookup 135.181.222.87
135-181-222-87.serverhub.ru

Referencing malware samples (MD5 hash):
