Details

_id 5efbb659353352821661a2ff
reference ['https://www.virustotal.com/gui/url/877228c86575c18e09ad11216a501605d39f49d1bbf798451fde2acd58695837/details']
md5 []
sha1 []
sha256 ['877228c86575c18e09ad11216a501605d39f49d1bbf798451fde2acd58695837']
mail []
ip ['136.243.18.221', '209.141.47.169']
domain []
url ['http://136.243.18.221:808/808/uc.sh', 'http://136.243.18.221:808/808/linux_arm']
user bad_packets
tweet Active #DDoS malware payload detected: http://136.243.18.221:808/808/uc.sh http://136.243.18.221:808/808/linux_arm ( https://www.virustotal.com/gui/url/877228c86575c18e09ad11216a501605d39f49d1bbf798451fde2acd58695837/details …) Hosting provider: Hetzner (AS24940 ) Exploit attempt source IP: 209.141.47.169 () Target: Docker API endpoints #threatintel pic.twitter.com/S9FkId5SuQ
id 1278043588706762752
retweets 13
favorites 15
link https://twitter.com/bad_packets/status/1278043588706762752
mentions []
hashtags ['#DDoS', '#threatintel']
timestamp 1593544311
date 2020-06-30 21:11:51