Locky C2 :: 51.254.240.60

Host Information

Locky C2:51.254.240.60
Threat:C2
Malware:Locky
URL:http://51.254.240.60/userinfo.php
Host Status:offline
Firstseen (UTC):2016-04-28 18:00:40
Lastseen (UTC):2016-04-30 13:31:49

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky C2. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
yes2016-04-29 09:07:542016-05-30 13:49:3451.254.240.60Not listedAS16276OVH OVH SAS, FR- France (FR)

# IPs found: 1 (max. 25)

Referencing malware samples

Latest 100 malware binaries referencing this Locky C2:

Firstseen (UTC)MD5 hashFilesizeVTLocky C2 URL
2016-04-29 14:53:18c492867c40851c748125dc5742b82801111'714 bytesVirustotal results 20/57 (35.09%) http://51.254.240.60/userinfo.php
2016-04-29 10:53:02eb49f361ed56cf58193cc3ef7bf6250a226'816 bytesVirustotal results 8/56 (14.29%) http://51.254.240.60/userinfo.php
2016-04-29 10:52:56b986b4396f001e508898baa4ba71367f226'816 bytesVirustotal results 15/56 (26.79%) http://51.254.240.60/userinfo.php
2016-04-29 10:52:4689df8a4d6fffca3f8d72eb00921b32b5226'816 bytesVirustotal results 19/57 (33.33%) http://51.254.240.60/userinfo.php
2016-04-29 10:52:313f03b44a0981ae6b05ad7e9b32b662d4226'816 bytesVirustotal results 13/56 (23.21%) http://51.254.240.60/userinfo.php
2016-04-29 10:52:210608285eed579359e5649881169ca920226'816 bytesVirustotal results 9/56 (16.07%) http://51.254.240.60/userinfo.php
2016-04-28 11:09:22a52ac037fcd84bac28e1243ab6442c8b180'224 bytesVirustotal results 9/57 (15.79%) http://51.254.240.60/userinfo.php
2016-04-28 11:09:06137e9311d5807974eabb5fa394de0a15180'224 bytesVirustotal results 7/56 (12.50%) http://51.254.240.60/userinfo.php

Referencing malware samples: 8