RedLineStealer botnet controller @172.67.213.114

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 172.67.213.114 on port 443 TCP:
$ telnet 172.67.213.114 443
Trying 172.67.213.114…
Connected to 172.67.213.114.
Escape character is ‘^]’

$ dig +short m525-blockchain31432.bar
172.67.213.114

Referencing malware samples (MD5 hash):
0cf92f409d8fd2c44ea5e033dbe2e72f — AV detection: 54 / 67 (80.60%)
174df8cad312de14610465bd6ec47fd9 — AV detection: 39 / 69 (56.52%)

Добавить комментарий

Ваш адрес email не будет опубликован.