Socelars botnet controller @185.209.229.184

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Socelars botnet controller located at 185.209.229.184 on port 80 (using HTTP GET):
hXXp://www.kittyschwartz.com/

$ dig +short www.kittyschwartz.com
185.209.229.184

$ nslookup 185.209.229.184
vmi718271.contaboserver.net

Referencing malware binaries (MD5 hash):
