RemcosRAT botnet controller @149.202.247.162

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 149.202.247.162 on port 29091 TCP:
$ telnet 149.202.247.162 29091
Trying 149.202.247.162…
Connected to 149.202.247.162.
Escape character is ‘^]’

Other malicious domain names hosted on this IP address:
kocdestek.ddns.net 149.202.247.162
vodahelp.myvnc.com 149.202.247.162

Referencing malware samples (MD5 hash):
1ea150955aff5ff4385cc9ec557c7da8 — AV detection: 42 / 67 (62.69%)
25cbd0c6608a8cb83a9121faa28216fd — AV detection: 28 / 68 (41.18%)
3c4ac07b5a3258b6135cf9a9d64c8b3f — AV detection: 43 / 70 (61.43%)

Опубликовано
В рубрике ovh.net

Добавить комментарий

Ваш адрес email не будет опубликован.