RedLineStealer botnet controller @62.109.11.230

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 62.109.11.230 on port 20767 TCP:
$ telnet 62.109.11.230 20767
Trying 62.109.11.230…
Connected to 62.109.11.230.
Escape character is ‘^]’

$ nslookup 62.109.11.230
dark3rrr.fvds.ru

Referencing malware samples (MD5 hash):
4344da0b0998b9c75505db1460efca2b — AV detection: 23 / 69 (33.33%)
4b1fbb6a3db2f9e9b2b6bec8988e5965 — AV detection: 16 / 66 (24.24%)

Добавить комментарий

Ваш адрес email не будет опубликован.