Locky C2 :: 185.75.46.4

Host Information

Locky C2: 185.75.46.4
Threat: C2
Malware: Locky
URL: http://185.75.46.4/submit.php
Host Status: offline
Firstseen (UTC): 2016-03-29 11:59:38
Lastseen (UTC): 2016-04-01 08:35:20

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky C2. If the host is a domain name, the table also shows a history of previous A records, if there are any.

Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country
yes | 2016-03-29 13:05:36 | 2016-05-01 14:11:58 | 185.75.46.4 | scanner.com | Not listed | AS62222 | QS-AS QuickSoft LLC, RU | Russian Federation (RU)

Active: this row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address). yes = Active A record, no = Historical record.

# IPs found: 1 (max. 25)

Referencing malware samples

Latest 100 malware binaries referencing this Locky C2:


Referencing malware samples: 16