RedLineStealer botnet controller @95.143.178.139

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 95.143.178.139 on port 9006 TCP:
$ telnet 95.143.178.139 9006
Trying 95.143.178.139…
Connected to 95.143.178.139.
Escape character is ‘^]’

Referencing malware samples (MD5 hash):
05dcd8f7c49b658f25877b2c0d2289e0 — AV detection: 30 / 66 (45.45%)
136f182f4836cd2ec50614c0f9c60ad8 — AV detection: 27 / 68 (39.71%)
4dcd1c35a04c602df955d37ec566e0b9 — AV detection: 38 / 68 (55.88%)
a64aaeffae416f32538ec450cd68442c — AV detection: 28 / 69 (40.58%)
a79d243bc2f96168b5f6395ba868060a — AV detection: 25 / 68 (36.76%)
ae1c2c26a1fac3b00974c95e1378d8b6 — AV detection: 30 / 69 (43.48%)
ddf2e7adc8fad48e966879efb8f79b4e — AV detection: 48 / 68 (70.59%)

Опубликовано
В рубрике selectel.ru

Добавить комментарий

Ваш адрес email не будет опубликован.