RedLineStealer botnet controller @51.68.142.233

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 51.68.142.233 on port 31156 TCP:
$ telnet 51.68.142.233 31156
Trying 51.68.142.233…
Connected to 51.68.142.233.
Escape character is ‘^]’

$ nslookup 51.68.142.233
antiddos-protected-by.frosbyte.org

Referencing malware samples (MD5 hash):
a751d63055d095450ccf41ecad484077 — AV detection: 29 / 67 (43.28%)
ab1f3a2ccda8c0c8a3a2ddb8e955609e — AV detection: 30 / 67 (44.78%)
b0d129a1b07f3501b7737ae293cbba00 — AV detection: 32 / 64 (50.00%)
f108ef2b7fb1d0cf3b03ac8c720ef2f5 — AV detection: 46 / 67 (68.66%)

Опубликовано
В рубрике ovh.net

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *