RedLineStealer botnet controller @91.243.32.50

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 91.243.32.50 on port 63948 TCP:
$ telnet 91.243.32.50 63948
Trying 91.243.32.50...
Connected to 91.243.32.50.
Escape character is '^]'

Referencing malware samples (MD5 hash):
4ba8a6af59b167aa45b1c9aae4a8f682 — AV detection: 23 / 66 (34.85%)
76bc650e9936e7a08b159d7ab98eecfb — AV detection: 35 / 67 (52.24%)
92072e1401c170181f26fc193ae6137f — AV detection: 24 / 67 (35.82%)
a99b72e69aee00e8043bd3f2339ceb03 — AV detection: 45 / 68 (66.18%)
b0b2b6d9a6b42a1680474995f7bee74c — AV detection: 29 / 67 (43.28%)
b3e7ffc2b68ac03d4d2cfbb8f3e33080 — AV detection: 36 / 65 (55.38%)

Posted in category selectel.ru
