RedLineStealer botnet controller @141.94.188.138

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 141.94.188.138 on port 46419 TCP:
$ telnet 141.94.188.138 46419
Trying 141.94.188.138…
Connected to 141.94.188.138.
Escape character is ‘^]’

Referencing malware samples (MD5 hash):
0667ace8cf940d7d56d3aa7ed7fe87e2 — AV detection: 46 / 69 (66.67%)
0e1332674ca9de144209293a3e2c0750 — AV detection: 20 / 66 (30.30%)
121d094e735b3e0d0edd77c99e551403 — AV detection: 36 / 68 (52.94%)
21f82ef80029b7096f06df17f57eadc6 — AV detection: 25 / 69 (36.23%)
2f8eb2e173c93dae1ddd17031ee8aa0e — AV detection: 44 / 65 (67.69%)
77469849a416bd38932bc4f2a3c59dd3 — AV detection: 15 / 67 (22.39%)
8262ffe18535f2ca30892060b31e2ddc — AV detection: 6 / 67 (8.96%)
838a91d84bfde7f6c7ac5b285b80cd83 — AV detection: 25 / 67 (37.31%)
9ac95805cb406422a8d6aad1de4b68f6 — AV detection: 6 / 66 (9.09%)
a2a74c62152013e3b87bd91f43e2c83f — AV detection: 20 / 68 (29.41%)
a712cc20b6de80a3a0e5e3575fd8eca7 — AV detection: 40 / 69 (57.97%)
aac1f8725a08ebe688622ae05284f28e — AV detection: 31 / 68 (45.59%)
ac8cc709d7aed055be98be1a65b0128e — AV detection: 31 / 68 (45.59%)
ad2e37084afa4539419fe016a1af9461 — AV detection: 23 / 67 (34.33%)
b026e744b2aa6aa1104b315236907241 — AV detection: 21 / 68 (30.88%)
b5a94e9b81811013b260564c25b2e564 — AV detection: 20 / 68 (29.41%)
b71866efeb319c2a668abdc085e8499e — AV detection: 40 / 68 (58.82%)
bca456c1243a8fdccfd95eadb2c2aca6 — AV detection: 20 / 68 (29.41%)
c5d4393b5d174a7dea3d391860234e3a — AV detection: 29 / 69 (42.03%)
d2919574199dd44dfad94faef8b5c334 — AV detection: 12 / 68 (17.65%)
e6b338c4df0ee25eafaa7614abbc9336 — AV detection: 20 / 67 (29.85%)
edb2a951607bb1782a131023731e21a4 — AV detection: 22 / 66 (33.33%)
f0882827aa702f771f744a3e19d88f40 — AV detection: 21 / 66 (31.82%)

Опубликовано
В рубрике ovh.net

Добавить комментарий

Ваш адрес email не будет опубликован.