Smoke Loader botnet controller @172.67.171.107

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Smoke Loader botnet controller located at 172.67.171.107 on port 80 (using HTTP POST):
http://greenco2020.top/
http://greenco2021.top/
http://greenco2022.top/

$ dig +short greenco2020.top
172.67.171.107

Referencing malware binaries (MD5 hash):
