RemcosRAT botnet controller @

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at on port 29091 TCP:
$ telnet 29091
Connected to
Escape character is ‘^]’

Other malicious domain names hosted on this IP address:

Referencing malware samples (MD5 hash):
1ea150955aff5ff4385cc9ec557c7da8 — AV detection: 42 / 67 (62.69%)
25cbd0c6608a8cb83a9121faa28216fd — AV detection: 28 / 68 (41.18%)
3c4ac07b5a3258b6135cf9a9d64c8b3f — AV detection: 43 / 70 (61.43%)

В рубрике

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *