Locky C2 :: 176.31.47.100

Host Information

Locky C2:176.31.47.100
Threat:C2
Malware:Locky
URL:http://176.31.47.100/main.php
Host Status:offline
Firstseen (UTC):2016-03-27 17:37:06
Lastseen (UTC):2016-05-26 20:17:06

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky C2. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
yes2016-03-27 18:25:312016-06-25 16:51:05176.31.47.100Not listedAS16276OVH , FR- France (FR)

# IPs found: 1 (max. 25)

Referencing malware samples

Latest 100 malware binaries referencing this Locky C2:

Firstseen (UTC)MD5 hashFilesizeVTLocky C2 URL
2016-05-25 19:35:02de6c020b8639fda713fbe2285dc6740c151'552 bytesVirustotal results 33/57 (57.89%) http://176.31.47.100/userinfo.php
2016-05-25 18:45:29a01d60682ad5fadc9018908185e8cde3151'552 bytesVirustotal results 33/57 (57.89%) http://176.31.47.100/userinfo.php
2016-05-25 17:40:141f46e31835b0f228877e161f59e6cc0a151'552 bytesVirustotal results 39/56 (69.64%) http://176.31.47.100/userinfo.php
2016-05-25 17:40:11d74d9cedc91f5f003e5bab3bf5c08b38151'552 bytesVirustotal results 35/57 (61.40%) http://176.31.47.100/userinfo.php
2016-05-25 17:38:14d0cf0184006e364b40cc2007879dbb88245'760 bytesVirustotal results 34/57 (59.65%) http://176.31.47.100/userinfo.php
2016-05-25 17:32:3264eef31dc4cd4dc1ca51b6686e4cdaa1151'552 bytesVirustotal results 36/57 (63.16%) http://176.31.47.100/userinfo.php
2016-05-25 17:29:53282321b62f01e1819432560c1efe1ba0151'552 bytesVirustotal results 35/56 (62.50%) http://176.31.47.100/userinfo.php
2016-03-28 14:32:24c0f0a71914cd0b309079a9365801501c184'320 bytesVirustotal results 6/58 (10.34%) http://176.31.47.100/main.php
2016-03-28 13:26:0476cf1f230abb93ddcb4679b4dace6afd176'128 bytesVirustotal results 39/57 (68.42%) http://176.31.47.100/main.php
2016-03-27 09:32:20937b90d3353ca3a445598a2e3f40cd65156'160 bytesVirustotal results 26/58 (44.83%) http://176.31.47.100/main.php
2016-03-27 09:32:197e8daa6ee23507f43f8f66f433c083a6155'648 bytesVirustotal results 16/58 (27.59%) http://176.31.47.100/main.php
2016-03-27 09:32:186a223435ea13d589072e0cc8ad6b4d09155'648 bytesVirustotal results 29/57 (50.88%) http://176.31.47.100/main.php
2016-03-26 23:09:4253795a15dd8b6e550b1465e1f0418491176'128 bytesVirustotal results 28/58 (48.28%) http://176.31.47.100/main.php
2016-03-26 22:43:2209b36ba3777dff5a368afdc44633405a213'504 bytesVirustotal results 31/57 (54.39%) http://176.31.47.100/main.php
2016-03-26 22:28:49e124b7fd3c1d48177d02089c7887aa39180'224 bytesVirustotal results 6/57 (10.53%) http://176.31.47.100/main.php

Referencing malware samples: 15