TVRat botnet controller @104.21.62.22

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

TVRat botnet controller located at 104.21.62.22 on port 80 (using HTTP GET):
hXXp://pshzbnb.com/update.php

$ dig +short pshzbnb.com
104.21.62.22

Referencing malware binaries (MD5 hash):
6bc6b19a38122b926c4e3a5872283c56 — AV detection: 29 / 68 (42.65)
914b6d73313162fcb0207a6b5abf2dee — AV detection: 33 / 68 (48.53)
f2e0677ee2aac634405bd56fe7148036 — AV detection: 35 / 69 (50.72)
fa2df76c3c4e4f06db7895e7e55ad5a8 — AV detection: 32 / 69 (46.38)
fa4db4bdd09afbc45116e0487479ce99 — AV detection: 19 / 62 (30.65)
fdec732050d0b59d37e81453b746a5f3 — AV detection: 19 / 68 (27.94)

Добавить комментарий

Ваш адрес email не будет опубликован.