RedLineStealer botnet controller @95.143.178.132

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 95.143.178.132 on port 21588 TCP:
$ telnet 95.143.178.132 21588
Trying 95.143.178.132…
Connected to 95.143.178.132.
Escape character is ‘^]’

Referencing malware samples (MD5 hash):
5d19bb41c6033f032708488f5cd7a72d — AV detection: 47 / 68 (69.12%)
76bc650e9936e7a08b159d7ab98eecfb — AV detection: 35 / 67 (52.24%)
850b8b4539d9183414d8193f944d473b — AV detection: 22 / 65 (33.85%)
8d5617cc370d4b5f5a128b798bd7b184 — AV detection: 45 / 65 (69.23%)
dec22ccebba8916f15efac9fa0d19986 — AV detection: 29 / 67 (43.28%)
fc36b237052f05656efd186d1d0d9836 — AV detection: 20 / 65 (30.77%)

Опубликовано
В рубрике selectel.ru

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *