RemoteManipulator botnet controller @77.223.124.210

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 77.223.124.210 on port 5655 TCP:
$ telnet 77.223.124.210 5655
Trying 77.223.124.210…
Connected to 77.223.124.210.
Escape character is ‘^]’

$ dig +short rms-server.tektonit.ru
77.223.124.210

Referencing malware samples (MD5 hash):
82f18d250b9262253e3f358b26d8888b — AV detection: 23 / 70 (32.86%)
9e10ac404f0cb370f82fbebb94c9f3f3 — AV detection: 27 / 68 (39.71%)
ac9cded5244cc892780c4d676ab48b55 — AV detection: 41 / 65 (63.08%)
bcfeda2837e6b2aeda38ef81ae79c30a — AV detection: 34 / 70 (48.57%)

Опубликовано
В рубрике selectel.ru

Добавить комментарий

Ваш адрес email не будет опубликован.