RedLineStealer botnet controller @185.151.240.132

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 185.151.240.132 on port 33087 TCP:
$ telnet 185.151.240.132 33087
Trying 185.151.240.132...
Connected to 185.151.240.132.
Escape character is '^]'

Referencing malware samples (MD5 hash):

Posted in category: selectel.ru
