RedLineStealer botnet controller @65.108.21.21

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 65.108.21.21 on port 18653 TCP:
$ telnet 65.108.21.21 18653
Trying 65.108.21.21…
Connected to 65.108.21.21.
Escape character is ‘^]’

Referencing malware samples (MD5 hash):
071b5bc431a3854d1c55e44a8fe01e1f — AV detection: 36 / 69 (52.17%)
1480456011ebd17369712100fd44237b — AV detection: 30 / 67 (44.78%)
6ffc35a9573fdf8fb4bff5a8abdb3b18 — AV detection: 26 / 69 (37.68%)
a2698159405b7fd01ac7cefd0a1f3ac7 — AV detection: 31 / 67 (46.27%)
abc19d10e0d9bef27553c2367153aa0b — AV detection: 27 / 67 (40.30%)
b5013616e78732323bd158d0a1482046 — AV detection: 25 / 67 (37.31%)
c463b07c6e61aeb24a8f3a06dae3bd1c — AV detection: 33 / 68 (48.53%)
d2ff4e2f051e95f5f651daf5b2cad506 — AV detection: 20 / 63 (31.75%)
db67500c9dcffadcc3d0ea509ad0a260 — AV detection: 35 / 69 (50.72%)
e25438b6c7892bb93c9ce20a606d3b60 — AV detection: 46 / 65 (70.77%)
f240a0240746af43de96ce02bc9fb5c8 — AV detection: 31 / 67 (46.27%)

Опубликовано
В рубрике hetzner.de

Добавить комментарий

Ваш адрес email не будет опубликован.