Locky C2 :: 217.12.199.94
Host Information
| Locky C2: | 217.12.199.94 | |
|---|---|---|
| Threat: | C2 | |
| Malware: | Locky | |
| URL: | http://217.12.199.94/userinfo.php | |
| Host Status: | ||
| Firstseen (UTC): | 2018-07-17 11:15:14 | |
| Lastseen (UTC): | 2018-07-17 12:05:49 | |
Associated IP addresses
The table below shows all ip addresses (e.g. A records) associated with this Locky C2. In case the host is a domain name, the table also shows a history of previous A records if there are any.
| Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address). yes = Active A record no = Historical record) | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country |
|---|---|---|---|---|---|---|---|---|
| yes | 2018-07-17 11:18:53 | 2018-08-16 23:59:59 | 217.12.199.94 | isp-ua.webhostname.net.ua | Not listed | AS15626 | ITLAS, UA |  Ukraine (UA) |
# IPs found: 1 (max. 25)
Referencing malware samples
Latest 100 malware binaries referencing this Locky C2:
| Firstseen (UTC) | MD5 hash | Filesize | VT | Locky C2 URL |
|---|---|---|---|---|
| 2018-07-17 05:13:32 | 7923e2cf13fb03d8d6c06a13be91bb2c | 136'704 bytes |  35/57 (61.40%)
| http://217.12.199.94/userinfo.php |
| 2018-07-17 05:11:28 | 6c5955dbc6d9a61f8c6b3b3b6d400bd9 | 136'192 bytes | 36/57 (63.16%)
| http://217.12.199.94/userinfo.php |
Referencing malware samples: 2