Locky C2 :: 185.22.67.108

Host Information

Locky C2:185.22.67.108
Threat:C2
Malware:Locky
URL:http://185.22.67.108/userinfo.php
Host Status:offline
Firstseen (UTC):2016-05-05 13:45:41
Lastseen (UTC):2016-05-10 04:13:33

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky C2. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
yes2016-05-06 06:35:242016-06-09 12:23:07185.22.67.108kornel-02.neolabs.netNot listedAS48716PS-AS , RU- Kazakhstan (KZ)

# IPs found: 1 (max. 25)

Referencing malware samples

Latest 100 malware binaries referencing this Locky C2:

Firstseen (UTC)MD5 hashFilesizeVTLocky C2 URL
2016-05-09 20:42:25a2c8be7f272bdd1191bdf112ba1aa9ac180'224 bytesVirustotal results 29/57 (50.88%) http://185.22.67.108/userinfo.php
2016-05-08 11:12:453e733108c36c9d407f7a40868d251911179'712 bytesVirustotal results 10/57 (17.54%) http://185.22.67.108/userinfo.php
2016-05-08 11:06:47c9cbbb6364f51f790585aec9f5fa98cc179'712 bytesVirustotal results 27/57 (47.37%) http://185.22.67.108/userinfo.php
2016-05-06 20:22:45e4ad8906a152085e7564252b47f6c10d180'224 bytesVirustotal results 31/56 (55.36%) http://185.22.67.108/userinfo.php
2016-05-06 20:14:20d6e56a430c2c53104ca5b0cd092875b1179'712 bytesVirustotal results 30/56 (53.57%) http://185.22.67.108/userinfo.php
2016-05-06 19:28:20c6ff697b6c1b2164ede3fa5fac0e127a181'248 bytesVirustotal results 31/54 (57.41%) http://185.22.67.108/userinfo.php
2016-05-06 18:49:28b1c156ff3c59f19e30f96545bea247cf180'224 bytesVirustotal results 32/56 (57.14%) http://185.22.67.108/userinfo.php
2016-05-06 18:29:389fd4d9c87668844d3f645b6877d64d89180'224 bytesVirustotal results 11/55 (20.00%) http://185.22.67.108/userinfo.php
2016-05-06 18:22:03885c4cfbf0b9b7956adcbd5b93688836180'224 bytesVirustotal results 34/56 (60.71%) http://185.22.67.108/userinfo.php
2016-05-06 18:18:177e409b55d878a463e974b50c92cb172d179'712 bytesVirustotal results 34/56 (60.71%) http://185.22.67.108/userinfo.php
2016-05-06 18:08:3668aa9f8fdb7c43ebdb4a7b3a6ceb98d2180'224 bytesVirustotal results 34/56 (60.71%) http://185.22.67.108/userinfo.php
2016-05-06 18:04:355dce19699be78fa82e32a96aee436c44180'224 bytesVirustotal results 31/55 (56.36%) http://185.22.67.108/userinfo.php
2016-05-06 17:53:263d91e5f119093cf1639f8d38b35d1742180'224 bytesVirustotal results 30/56 (53.57%) http://185.22.67.108/userinfo.php
2016-05-06 17:49:202e96ae4983cdec64af16788300c50e9d180'224 bytesVirustotal results 32/57 (56.14%) http://185.22.67.108/userinfo.php
2016-05-06 17:47:4628b86d53228b2f5b042db52c3a6341fe180'224 bytesVirustotal results 30/56 (53.57%) http://185.22.67.108/userinfo.php
2016-05-06 17:43:031725b728a5225a47e3e6fc0092281071180'224 bytesVirustotal results 31/56 (55.36%) http://185.22.67.108/userinfo.php
2016-05-06 17:41:150fb871b4b329003dd29ed674228e0206180'224 bytesVirustotal results 29/56 (51.79%) http://185.22.67.108/userinfo.php
2016-05-06 17:31:54cb3425d0e436e358a07c3f38110135a1182'784 bytesVirustotal results 33/56 (58.93%) http://185.22.67.108/userinfo.php
2016-05-06 17:29:050c8f52995d8303837a3be33246658e0c179'712 bytesVirustotal results 34/56 (60.71%) http://185.22.67.108/userinfo.php
2016-05-06 11:21:4409f95bd2323574b6edeac8f8e349e4dd111'208 bytesVirustotal results 2/56 (3.57%) http://185.22.67.108/userinfo.php
2016-05-06 11:12:1785af825a34e5b0c000c6c4b4fa065d82179'712 bytesVirustotal results 3/55 (5.45%) http://185.22.67.108/userinfo.php
2016-05-06 07:25:2289b2bae66f6a8e24396fba2dfa062227109'703 bytesVirustotal results 14/55 (25.45%) http://185.22.67.108/userinfo.php
2016-05-05 07:11:45a6bf89594d36f2f5c499efde3c584bd0182'784 bytesVirustotal results 20/56 (35.71%) http://185.22.67.108/userinfo.php
2016-05-05 07:11:448adbcffe2cb52628afe8d6412c1e3a06181'760 bytesVirustotal results 19/56 (33.93%) http://185.22.67.108/userinfo.php
2016-05-04 17:54:165fc1ccd8530954f61ceeafb77e72045e182'784 bytesVirustotal results 11/53 (20.75%) http://185.22.67.108/userinfo.php

Referencing malware samples: 25