RedLineStealer botnet controller @62.182.156.185

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 62.182.156.185 on port 48571 TCP:
$ telnet 62.182.156.185 48571
Trying 62.182.156.185…
Connected to 62.182.156.185.
Escape character is ‘^]’

Referencing malware samples (MD5 hash):
3189c2a1bd1d5ef4c8cf5a459576e714 — AV detection: 46 / 68 (67.65%)
7d11c4bc1c78af52e584d83baa761d69 — AV detection: 21 / 70 (30.00%)
98977e2f9c3f19f5481b7ecd8c238151 — AV detection: 20 / 68 (29.41%)
ba1fb104c1317b5916dfbc36ab889325 — AV detection: 48 / 69 (69.57%)
c12dfec465928bb97ae0880b1e81c013 — AV detection: 28 / 70 (40.00%)
c9d38a734f9ce6bef5d015e2df01d2e4 — AV detection: 59 / 69 (85.51%)
f8e0901558a60fa3c13f48409ab5b668 — AV detection: 26 / 70 (37.14%)

Опубликовано
В рубрике selectel.ru

Добавить комментарий

Ваш адрес email не будет опубликован.