RedLineStealer botnet controller @3.17.66.208

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 3.17.66.208 on port 50383 TCP:
$ telnet 3.17.66.208 50383
Trying 3.17.66.208…
Connected to 3.17.66.208.
Escape character is ‘^]’

$ nslookup 3.17.66.208
ec2-3-17-66-208.us-east-2.compute.amazonaws.com

Referencing malware samples (MD5 hash):
0bea974fca09703496dcca41ce759790 — AV detection: 45 / 68 (66.18%)
4cd16507a31ada721884ccaa2f8e95f1 — AV detection: 48 / 69 (69.57%)
5abf967f514466318c8786cd77a4e280 — AV detection: 39 / 69 (56.52%)
975b12b1a5eb94546bc03a18990fc10c — AV detection: 47 / 69 (68.12%)
a012ff672360f0d4218783ad91152995 — AV detection: 44 / 69 (63.77%)
a0c8da8c027e72bde129e39b1c827497 — AV detection: 37 / 68 (54.41%)
a19de5d2a094b016b22dfda4c2138003 — AV detection: 53 / 68 (77.94%)
a70a09da2ab752ccea9d975f7f5ac5ab — AV detection: 28 / 67 (41.79%)
a871d6371c9371bfd2b7bd0b3176db98 — AV detection: 43 / 68 (63.24%)
a9c476901c06929957bf2bcfaf77b25a — AV detection: 51 / 68 (75.00%)
b0a4525bfb9e230469d0a70e9b03441d — AV detection: 39 / 67 (58.21%)
bab4569b91afc1b8e96f1f39708c41bd — AV detection: 45 / 65 (69.23%)
bc9bcb032e5015bf47efe154f0e6a206 — AV detection: 38 / 68 (55.88%)
e774dd9c86af55f5f4f64ce0e6096341 — AV detection: 25 / 67 (37.31%)
f27bbd676025bd515c3202b94dff8ef6 — AV detection: 28 / 68 (41.18%)

Опубликовано
В рубрике amazon.com

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *