Phorpiex
Phorpiex/Trik botnet. 178.16.54.109 C2 IP. lb10/lb11/lb12 multistage payload. Spam + crypto mining + clipper.
- Spam Botnet / Loader
C2 Servers 4
| Address | Port | Protocol | Status | Action |
|---|---|---|---|---|
178.16.54.109
Phorpiex payload URL (lb10/lb11/lb12.exe)
|
- | HTTP | Active | |
178.16.54.109
|
80 | HTTP | Active | |
178.16.54.109
|
80 | HTTP | Active | |
178.16.54.109
|
80 | HTTP | Active |
⚠ C2 addresses are shared solely for threat intelligence and defensive purposes. Unauthorized access to these addresses constitutes a criminal offense.
Research Reports (4)
Phorpiex -- 178.16.54.109 C2 IP, lb10.exe lb11.exe lb12.exe Çok Aşamalı Payload Zinciri, MyAgent Mutex | Yüksek
Phorpiex 113KB. 178.16.54.109 C2 IP. lb10.exe lb11.exe lb12.exe ardışık cok asamali payload indirme. MyAgent mutex kimlik.
Read Report →Phorpiex Botnet -- 178.16.54.109 C2, lb10.exe+lb11.exe+lb12.exe Çoklu Payload | Yüksek
Phorpiex 113KB. 178.16.54.109 C2. lb10.exe lb11.exe lb12.exe coklu payload URL. Botnet numarali yukleyici zinciri.
Read Report →Phorpiex Botnet -- 178.16.54.109 IP C2, lb10/lb11/lb12.exe Zincir İndirme | Yüksek
Phorpiex 113KB. 178.16.54.109/lb10.exe + lb11.exe + lb12 zincir indirme IP C2. ip-api.com coğrafi konum. GetTickCount.
Read Report →Phorpiex -- 113KB, 178.16.54.109 Açık Metin C2, lb10.exe/lb11.exe Payload | Kritik
Phorpiex 113KB. 178.16.54.109 cleartext C2. lb10.exe/lb11.exe payload URL. ip-api.com GeoIP.
Read Report →