0xrab
@redrabyt.es
Developer, threat reporter, OSINT, CNCs reverser.
IP: 103.13.210.153 (AS41436)
URL: hxxp://103.13.210.153/bins/ (open dir)
C2 endpoint: 103.13.210.153:1312
Listener endpoint: 103.13.210.153:3912
Infos: It's a mirai which is vulnerable to "buffer overflow".
URL: hxxp://103.13.210.153/bins/ (open dir)
C2 endpoint: 103.13.210.153:1312
Listener endpoint: 103.13.210.153:3912
Infos: It's a mirai which is vulnerable to "buffer overflow".
October 9, 2023 at 9:55 AM
IP: 103.13.210.153 (AS41436)
URL: hxxp://103.13.210.153/bins/ (open dir)
C2 endpoint: 103.13.210.153:1312
Listener endpoint: 103.13.210.153:3912
Infos: It's a mirai which is vulnerable to "buffer overflow".
URL: hxxp://103.13.210.153/bins/ (open dir)
C2 endpoint: 103.13.210.153:1312
Listener endpoint: 103.13.210.153:3912
Infos: It's a mirai which is vulnerable to "buffer overflow".
IP: 194.180.48.105 (AS211252)
URL: hxxp://194.180.48.105/d
Listener endpoint: 194.180.48.105:6667
URL: hxxp://194.180.48.105/d
Listener endpoint: 194.180.48.105:6667
October 6, 2023 at 12:53 PM
IP: 194.180.48.105 (AS211252)
URL: hxxp://194.180.48.105/d
Listener endpoint: 194.180.48.105:6667
URL: hxxp://194.180.48.105/d
Listener endpoint: 194.180.48.105:6667
IP: 80.94.92.20 (AS47890)
URL: hxxp://80.94.92.20/ssh (already reported)
C2 endpoint: 80.94.92.20:59666
Listener endpoint: 80.94.92.20:24529
Infos: It's a mirai which is vulnerable to "buffer overflow".
URL: hxxp://80.94.92.20/ssh (already reported)
C2 endpoint: 80.94.92.20:59666
Listener endpoint: 80.94.92.20:24529
Infos: It's a mirai which is vulnerable to "buffer overflow".
October 6, 2023 at 12:53 PM
IP: 80.94.92.20 (AS47890)
URL: hxxp://80.94.92.20/ssh (already reported)
C2 endpoint: 80.94.92.20:59666
Listener endpoint: 80.94.92.20:24529
Infos: It's a mirai which is vulnerable to "buffer overflow".
URL: hxxp://80.94.92.20/ssh (already reported)
C2 endpoint: 80.94.92.20:59666
Listener endpoint: 80.94.92.20:24529
Infos: It's a mirai which is vulnerable to "buffer overflow".
