RedLineStealer botnet controller @95.181.152.5

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 95.181.152.5 on port 46927 TCP:
$ telnet 95.181.152.5 46927
Trying 95.181.152.5...
Connected to 95.181.152.5.
Escape character is '^]'

Referencing malware samples (MD5 hash):

Filed under msk.host
