RemoteManipulator botnet controller @109.234.156.178

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 109.234.156.178 on port 5655 TCP:
$ telnet 109.234.156.178 5655
Trying 109.234.156.178...
Connected to 109.234.156.178.
Escape character is '^]'

$ dig +short rms-server.tektonit.ru
109.234.156.178

Referencing malware samples (MD5 hash):

Filed under: selectel.ru
