RemcosRAT botnet controller @198.244.135.118

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 198.244.135.118 on port 9764 TCP:
$ telnet 198.244.135.118 9764
Trying 198.244.135.118…
Connected to 198.244.135.118.
Escape character is ‘^]’

$ nslookup 198.244.135.118
ip118.ip-198-244-135.eu

$ dig +short salesumishcn.ddns.net
198.244.135.118

Referencing malware samples:
MD5 90782f1578480161117a2ce287216468

Опубликовано
В рубрике ovh.net

Добавить комментарий

Ваш адрес email не будет опубликован.