RedLineStealer botnet controller @65.108.20.184

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 65.108.20.184 on port 13650 TCP:
$ telnet 65.108.20.184 13650
Trying 65.108.20.184...
Connected to 65.108.20.184.
Escape character is '^]'

Referencing malware samples (MD5 hash):

Filed under: hetzner.de
