RedLineStealer botnet controller @95.216.168.100

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 95.216.168.100 on port 38784 TCP:
$ telnet 95.216.168.100 38784
Trying 95.216.168.100…
Connected to 95.216.168.100.
Escape character is ‘^]’

$ nslookup 95.216.168.100
static.100.168.216.95.clients.your-server.de

Referencing malware samples (MD5 hash):
040e286308b02350784a5666497d9a01 — AV detection: 49 / 67 (73.13%)
e06d45e85ecd10438afef366af60e565 — AV detection: 39 / 67 (58.21%)

Published
Filed under hetzner.de