Socelars botnet controller @185.169.252.236

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Socelars botnet controller located at 185.169.252.236 on port 80 (using HTTP POST):
hXXp://www.adcbnwa.com/Home/Index/hdecny

$ dig +short www.adcbnwa.com
185.169.252.236

$ nslookup 185.169.252.236
vmi803628.contaboserver.net

Referencing malware binaries (MD5 hash):

Other malicious domain names hosted on this IP address:
www.ekgcp.com 185.169.252.236
www.sexypjs.com 185.169.252.236
www.adcbnwa.com 185.169.252.236
