RemcosRAT botnet controller @

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at on port 5467 TCP:
$ telnet 5467
Connected to
Escape character is ‘^]’

$ nslookup

Referencing malware samples:
MD5 043f469e0cdd5ee19a0c1e92070274c9
MD5 0577e2c8bb9036f0ff8dde56e06621e2
MD5 100584dd914fff4db53bd468763d7a16
MD5 2119ae04a99f3474b6652b80acbf9e36
MD5 8bbed3d331c92eb90dab265b0635ef50
MD5 d56f6fa3922ae321c0f3dc9fecd823ad
MD5 dcd79da0356caad135b3f7e9c1584cad

В рубрике

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *