RedLineStealer botnet controller @95.217.123.66

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 95.217.123.66 on port 23117 TCP:
$ telnet 95.217.123.66 23117
Trying 95.217.123.66...
Connected to 95.217.123.66.
Escape character is '^]'

Referencing malware samples (MD5 hash):
