Vjw0rm botnet controller @40.88.141.204

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 40.88.141.204 on port 6200 TCP:
$ telnet 40.88.141.204 6200
Trying 40.88.141.204…
Connected to 40.88.141.204.
Escape character is ‘^]’

Other malicious domain names hosted on this IP address:
5800js.duckdns.org 40.88.141.204
6200js.duckdns.org 40.88.141.204
6300js.duckdns.org 40.88.141.204

Referencing malware samples:
MD5 43668fd05f27d299e4ac10206dc3fe93
MD5 8e360cfe10e8ce9eeea8077ecb1f6631
MD5 989740b7f7dab7211c4005e833f37954
MD5 b52fe288ee67ceccaeee80dc4749c358
MD5 d8953385a8ee8490c61653b1d3e9917c

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *