DMALocker C2 :: 5.8.63.54

Host Information

DMALocker C2:5.8.63.54
Threat:C2
Malware:DMALocker
URL:http://5.8.63.54/crypto/gate
Host Status:offline
Firstseen (UTC):2016-05-25 09:04:41
Lastseen (UTC):never

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this DMALocker C2. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
yes2016-05-25 09:26:352016-06-26 18:51:575.8.63.54Not listedAS29182ISPSYSTEM-AS ISPsystem Autonomous System[...]- United States (US)

# IPs found: 1 (max. 25)

Referencing malware samples

Latest 100 malware binaries referencing this DMALocker C2:

Firstseen (UTC)MD5 hashFilesizeVTDMALocker C2 URL
2016-05-26 15:14:28f4b39536c155873ca33732490f18b495124'928 bytesn/ahttp://5.8.63.54/crypto/gate
2016-05-26 06:13:0038968e7bf50217fd0f2d79b682437e5f120'320 bytesVirustotal results 9/57 (15.79%) http://5.8.63.54/crypto/gate
2016-05-25 08:10:04992cdae65c7e13d1dbe30299d60f0f2b311'808 bytesVirustotal results 6/57 (10.53%) http://5.8.63.54/crypto/gate
2016-05-25 05:58:29992ce17010349fcf50b292ff39279e7c310'784 bytesVirustotal results 5/57 (8.77%) http://5.8.63.54/crypto/gate
2016-05-24 14:01:277b701ddaaf8d9f22c065e98feb0de1ef327'680 bytesVirustotal results 4/57 (7.02%) http://5.8.63.54/crypto/gate
2016-05-23 22:44:38f676aba2d996eed2c194e9f5944446fa320'512 bytesVirustotal results 23/57 (40.35%) http://5.8.63.54/crypto/gate

Referencing malware samples: 6