Vjw0rm botnet controller @51.81.193.203

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 51.81.193.203 on port 62742 TCP:
$ telnet 51.81.193.203 62742
Trying 51.81.193.203…
Connected to 51.81.193.203.
Escape character is ‘^]’

$ nslookup 51.81.193.203
ip203.ip-51-81-193.us

$ dig +short billypax-fax.dyn.home-webserver.de
51.81.193.203

Referencing malware samples (MD5 hash):
5443f54be37634afdf2a5461d1e0cafd — AV detection: 4 / 55 (7.27%)

Опубликовано
В рубрике ovh.net

Добавить комментарий

Ваш адрес email не будет опубликован.