RedLineStealer botnet controller @79.174.13.108

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 79.174.13.108 on port 19006 TCP:
$ telnet 79.174.13.108 19006
Trying 79.174.13.108…
Connected to 79.174.13.108.
Escape character is ‘^]’

$ nslookup 79.174.13.108
alltartest.fvds.ru

Referencing malware samples (MD5 hash):
42eb3ce0db0294bd3593eefbd75c38c9 — AV detection: 24 / 69 (34.78%)
62ceb94fbccfda04bd8718abbe0ff26c — AV detection: 30 / 66 (45.45%)
c9f7b7857d5932f13a06857ea5b32c54 — AV detection: 45 / 67 (67.16%)

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *