Locky C2 :: 164.132.40.47

Host Information

Locky C2:164.132.40.47
Threat:C2
Malware:Locky
URL:http://164.132.40.47/userinfo.php
Host Status:offline
Firstseen (UTC):2016-05-26 07:40:47
Lastseen (UTC):2017-06-14 02:21:04

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky C2. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
yes2016-05-26 15:33:022017-07-14 23:59:22164.132.40.4747.ip-164-132-40.euNot listedAS16276OVH, FR- France (FR)

# IPs found: 1 (max. 25)

Referencing malware samples

Latest 100 malware binaries referencing this Locky C2:

Firstseen (UTC)MD5 hashFilesizeVTLocky C2 URL
2017-06-13 15:10:286d9a09b7c487bbf7a0d4c86e8a699459182'784 bytesVirustotal results 42/57 (73.68%) http://164.132.40.47/userinfo.php
2016-05-27 22:31:24579eb4f17d08c5061d8cf71b96436a8a182'784 bytesVirustotal results 21/57 (36.84%) http://164.132.40.47/userinfo.php
2016-05-27 22:05:292809b79768b898adc24eb276e5866ce2182'784 bytesVirustotal results 38/57 (66.67%) http://164.132.40.47/userinfo.php
2016-05-27 22:01:331ef99356e1b53b6ccc163364a5418bf4182'272 bytesVirustotal results 19/56 (33.93%) http://164.132.40.47/userinfo.php
2016-05-27 21:35:31f5fdc2a9d330a7e607003445edd9dfc2182'272 bytesVirustotal results 19/57 (33.33%) http://164.132.40.47/userinfo.php
2016-05-27 21:35:16f0d96cecf681e1f5f1b7dbf9f6a518b6182'784 bytesVirustotal results 26/57 (45.61%) http://164.132.40.47/userinfo.php
2016-05-27 21:33:51d72d9aa76ab313d50f059774d78875de182'272 bytesVirustotal results 18/57 (31.58%) http://164.132.40.47/userinfo.php
2016-05-27 21:32:55c49177a1553b3240dfea69ee09d58b70182'784 bytesVirustotal results 33/55 (60.00%) http://164.132.40.47/userinfo.php
2016-05-27 21:32:36bf1890c2109ac0d6eb6183a98353c2ce182'784 bytesVirustotal results 41/57 (71.93%) http://164.132.40.47/userinfo.php
2016-05-27 21:31:41ac4e4c3cb5cc6c068466e937f48adcc8182'784 bytesVirustotal results 39/57 (68.42%) http://164.132.40.47/userinfo.php
2016-05-27 21:30:1290eb8948513e21a8c87f8295ac7e81f5182'784 bytesVirustotal results 36/52 (69.23%) http://164.132.40.47/userinfo.php
2016-05-27 21:29:2582f32982439cf4fa320a0f9a8e4adc98182'784 bytesVirustotal results 26/57 (45.61%) http://164.132.40.47/userinfo.php
2016-05-27 21:28:5177287dec5a92a3163c3c88ddecc8ba50182'784 bytesVirustotal results 41/57 (71.93%) http://164.132.40.47/userinfo.php
2016-05-27 21:28:47768b0a09344df69404d2466c5a45aaf0182'272 bytesVirustotal results 21/57 (36.84%) http://164.132.40.47/userinfo.php
2016-05-27 21:28:32710f6476ca3029e2017e6472b751127d182'272 bytesVirustotal results 22/57 (38.60%) http://164.132.40.47/userinfo.php
2016-05-27 21:24:4617f493da40a77f6bc7940f3166e9d89b182'784 bytesVirustotal results 42/57 (73.68%) http://164.132.40.47/userinfo.php
2016-05-27 21:24:39150ffde680083d6e8d814d93fdc5b5e8182'272 bytesVirustotal results 18/56 (32.14%) http://164.132.40.47/userinfo.php
2016-05-27 21:23:58053d6ae27d906e6303dd5604262ccd31182'784 bytesVirustotal results 37/57 (64.91%) http://164.132.40.47/userinfo.php
2016-05-26 19:40:33527290686ec5515f248d4d20c3bb29df241'664 bytesVirustotal results 33/56 (58.93%) http://164.132.40.47/userinfo.php
2016-05-25 12:16:57a2236e65f3d0849ca2b85775ade093ff172'574 bytesVirustotal results 4/57 (7.02%) http://164.132.40.47/userinfo.php

Referencing malware samples: 20