Phorpiex

Phorpiex/Trik botnet. 178.16.54.109 C2 IP. lb10/lb11/lb12 multistage payload. Spam + crypto mining + clipper.

Threat Profile
Type: Botnet
Programming Language: C++
C2 Protocol: HTTP/P2P
First Seen: 2016
Targets: Global
Purpose / Capabilities
  • Spam Botnet / Loader

C2 Servers (4)

4 Active

Address | Port | Protocol | Status
178.16.54.109 (Phorpiex payload URL, lb10/lb11/lb12.exe) | - | HTTP | Active
178.16.54.109 | 80 | HTTP | Active
178.16.54.109 | 80 | HTTP | Active
178.16.54.109 | 80 | HTTP | Active

⚠ C2 addresses are shared solely for threat intelligence and defensive purposes. Unauthorized access to these addresses constitutes a criminal offense.

Research Reports (4)

High

Phorpiex -- 178.16.54.109 C2 IP, lb10.exe lb11.exe lb12.exe Multi-Stage Payload Chain, MyAgent Mutex | High

Phorpiex 113KB. 178.16.54.109 C2 IP. Sequential multi-stage payload download of lb10.exe, lb11.exe, lb12.exe. MyAgent mutex identifier.

High

Phorpiex Botnet -- 178.16.54.109 C2, lb10.exe+lb11.exe+lb12.exe Multiple Payloads | High

Phorpiex 113KB. 178.16.54.109 C2. lb10.exe lb11.exe lb12.exe multiple payload URLs. Botnet numbered loader chain.

High

Phorpiex Botnet -- 178.16.54.109 IP C2, lb10/lb11/lb12.exe Chain Download | High

Phorpiex 113KB. 178.16.54.109/lb10.exe + lb11.exe + lb12 chain download from IP C2. ip-api.com geolocation. GetTickCount.

Critical

Phorpiex -- 113KB, 178.16.54.109 Cleartext C2, lb10.exe/lb11.exe Payload | Critical

Phorpiex 113KB. 178.16.54.109 cleartext C2. lb10.exe/lb11.exe payload URL. ip-api.com GeoIP.
