WSHRAT botnet controller @54.38.124.52

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 54.38.124.52 on port 5555 TCP:
$ telnet 54.38.124.52 5555
Trying 54.38.124.52…
Connected to 54.38.124.52.
Escape character is ‘^]’

$ nslookup 54.38.124.52
ip52.ip-54-38-124.eu

$ dig +short 3laallah.myvnc.com
54.38.124.52

Referencing malware samples:
MD5 2e49ab9cb1bcc2aef854c4ea0f4172b9

Опубликовано
В рубрике ovh.net

Добавить комментарий

Ваш адрес email не будет опубликован.