RemcosRAT botnet controller @20.114.21.181

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 20.114.21.181 on port 2288 TCP:
$ telnet 20.114.21.181 2288
Trying 20.114.21.181…
Connected to 20.114.21.181.
Escape character is ‘^]’

$ dig +short sdsd.nerdpol.ovh
20.114.21.181

Referencing malware samples (MD5 hash):
2d65d1bb95a2a5f9d59040f6977db880 — AV detection: 35 / 61 (57.38%)

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *