RedLineStealer botnet controller @80.87.192.137

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 80.87.192.137 on port 27018 TCP:
$ telnet 80.87.192.137 27018
Trying 80.87.192.137...
Connected to 80.87.192.137.
Escape character is '^]'.

$ nslookup 80.87.192.137
c7cleaner2.fvds.ru

Referencing malware samples (MD5 hash):
