RedLineStealer botnet controller @188.68.205.115

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 188.68.205.115 on port 17645 TCP:
$ telnet 188.68.205.115 17645
Trying 188.68.205.115...
Connected to 188.68.205.115.
Escape character is '^]'.

$ nslookup 188.68.205.115
pythagoras-40.workerchia.online

Referencing malware samples (MD5 hash):

Category: selectel.ru
