Tofsee botnet controller @77.246.156.196

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 77.246.156.196 on port 420 TCP:
$ telnet 77.246.156.196 420
Trying 77.246.156.196…
Connected to 77.246.156.196.
Escape character is ‘^]’

$ nslookup 77.246.156.196
cybertex.example.com

Referencing malware samples (MD5 hash):
85909f500361ffb79815266a75e1d495 — AV detection: 26 / 68 (38.24%)
ab26e91450e14482f4eadb68c1fbdeb3 — AV detection: 27 / 68 (39.71%)
abc1dd26db944501da63b8233b855621 — AV detection: 26 / 68 (38.24%)
c142c1247f447a1f87c4807b7a4b73bc — AV detection: 38 / 68 (55.88%)
c411ebb78d9df7c1a74a5318e1c1aad8 — AV detection: 39 / 68 (57.35%)

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *