RedLineStealer botnet controller @23.88.109.42

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 23.88.109.42 on port 55961 TCP:
$ telnet 23.88.109.42 55961
Trying 23.88.109.42...
Connected to 23.88.109.42.
Escape character is '^]'

$ nslookup 23.88.109.42
static.42.109.88.23.clients.your-server.de

Referencing malware samples (MD5 hash):
