GoARMBot for ARM x32 served by ChinaZ scums.
Attacker is 61.160.213.242 / AS23650 AS Number for CHINANET jiangsu
CNC is hostname basis:
This is the asshole:
#MalwareMUSTDie!
Attacker is 61.160.213.242 / AS23650 AS Number for CHINANET jiangsu
CNC is hostname basis:
Code: Select all
A chance to test my cnc cracker:china.28zst.cn has address 61.160.213.242 port 6004
(same address as attacker)
This is the asshole:
Code: Select all
Sample: https://www.virustotal.com/en/file/361c ... 444862425/$ checkreg 28zst.cn
Registrant Contact Email: scancesi@163.com
#MalwareMUSTDie!
Attachments
7z/infected
(927.31 KiB) Downloaded 49 times
(927.31 KiB) Downloaded 49 times