Locky C2 :: 51.254.240.45

Host Information

Locky C2:51.254.240.45
Threat:C2
Malware:Locky
URL:http://51.254.240.45/submit.php
Host Status:offline
Firstseen (UTC):2016-03-31 05:28:26
Lastseen (UTC):2016-04-02 13:08:06

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky C2. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
yes2016-03-31 10:22:392016-05-02 14:37:4051.254.240.45Not listedAS16276OVH OVH SAS, FR- France (FR)

# IPs found: 1 (max. 25)

Referencing malware samples

Latest 100 malware binaries referencing this Locky C2:

Firstseen (UTC)MD5 hashFilesizeVTLocky C2 URL
2016-04-01 02:57:07b66eb4bcb2860ef48afbc1378e1ae545162'816 bytesVirustotal results 29/56 (51.79%) http://51.254.240.45/submit.php
2016-03-31 04:54:00f2d7345959861e55b51fdb254b18cde7169'984 bytesVirustotal results 17/56 (30.36%) http://51.254.240.45/submit.php
2016-03-31 04:53:58f17a54be9b844ee433d8212e49a1a674162'304 bytesVirustotal results 19/57 (33.33%) http://51.254.240.45/submit.php
2016-03-31 04:53:50dedd22e6140e7b556044e2f3097cf80d169'984 bytesVirustotal results 16/57 (28.07%) http://51.254.240.45/submit.php
2016-03-31 04:53:45c205c0e775dc05296184de656cd65680162'816 bytesVirustotal results 19/57 (33.33%) http://51.254.240.45/submit.php
2016-03-31 04:53:42b5f57cf1f1c5ae1c0fa5b965792cb620162'816 bytesVirustotal results 13/57 (22.81%) http://51.254.240.45/submit.php
2016-03-31 04:53:38af44cafc821ff931225c3f65dca77892169'472 bytesVirustotal results 19/56 (33.93%) http://51.254.240.45/submit.php
2016-03-31 04:53:37af3ae53a7222eb9fb04e6fa3bef5cecd168'960 bytesVirustotal results 14/57 (24.56%) http://51.254.240.45/submit.php
2016-03-31 04:53:3194823ecf4433a96544a9d90e6f5f5bfe162'816 bytesVirustotal results 20/57 (35.09%) http://51.254.240.45/submit.php
2016-03-31 04:53:26876290a62dd067e1f6537405f846e09b162'816 bytesVirustotal results 17/57 (29.82%) http://51.254.240.45/submit.php
2016-03-31 04:53:2483120c2c70d488a4116c003899baac36168'960 bytesVirustotal results 13/57 (22.81%) http://51.254.240.45/submit.php
2016-03-31 04:53:20798d577d549cc4e06cc0bbde1d2a9dbf163'328 bytesVirustotal results 18/57 (31.58%) http://51.254.240.45/submit.php
2016-03-31 04:53:135854919a1280121b54cd1a2f9236460c169'984 bytesVirustotal results 18/57 (31.58%) http://51.254.240.45/submit.php
2016-03-31 04:53:022d3f8c0287f18d0790bfd5a16c261327168'960 bytesVirustotal results 24/57 (42.11%) http://51.254.240.45/submit.php
2016-03-31 04:52:570fa95e0091a420249c9aa280aa091c8b162'816 bytesVirustotal results 14/57 (24.56%) http://51.254.240.45/submit.php
2016-03-31 04:52:5404d58531a78ca780428ebb9250a5510d162'816 bytesVirustotal results 24/57 (42.11%) http://51.254.240.45/submit.php
2016-03-31 04:52:5304717ff95bcb1e8ba85f7ed86a072d80162'816 bytesVirustotal results 19/57 (33.33%) http://51.254.240.45/submit.php
2016-03-30 12:48:23c4a3d8833e6bef5a1be6df459170366d162'816 bytesVirustotal results 6/56 (10.71%) http://51.254.240.45/submit.php

Referencing malware samples: 18