RemcosRAT botnet controller @20.112.83.244

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 20.112.83.244 on port 2288 TCP:
$ telnet 20.112.83.244 2288
Trying 20.112.83.244…
Connected to 20.112.83.244.
Escape character is ‘^]’

$ dig +short rem.nerdpol.ovh
20.112.83.244

Referencing malware samples (MD5 hash):
ff621947130a01c13fa2239dc872de49 — AV detection: 47 / 70 (67.14%)

Добавить комментарий

Ваш адрес email не будет опубликован.