Locky C2 ::

Host Information

Locky C2:
Host Status:offline
Firstseen (UTC):2016-03-30 10:00:32
Lastseen (UTC):2016-04-05 18:06:52

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky C2. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
yes2016-03-30 12:15:392016-05-05 12:31:0383.217.25.239sifon1104.example.comNot listedAS200161DATAPRO-AS _DATAPRO_ Limited Liability C[...]- Russian Federation (RU)

# IPs found: 1 (max. 25)

Referencing malware samples

Latest 100 malware binaries referencing this Locky C2:

Firstseen (UTC)MD5 hashFilesizeVTLocky C2 URL
2016-04-05 14:50:04d0110a483dd433963c2012d329c7b0ca196'608 bytesVirustotal results 23/57 (40.35%)
2016-04-01 03:29:45e6d44caa3a115721f316c98b4cd7457e196'608 bytesVirustotal results 24/57 (42.11%)
2016-04-01 00:32:29785f201736bf8b741a6b829ed046617e164'352 bytesVirustotal results 33/57 (57.89%)
2016-03-30 08:56:07f4c85431b8673e1a0095595e41f7d3b3163'840 bytesVirustotal results 25/55 (45.45%)
2016-03-30 08:56:06ec0fae82b75ee1d7ce72b49d97dec4a1163'840 bytesVirustotal results 23/56 (41.07%)
2016-03-30 08:56:04e731fc4434369ddfac8ec083e8f28994110'080 bytesVirustotal results 29/56 (51.79%)
2016-03-30 08:55:5350da25fee5229dc4bb740ea0d88aba4b165'888 bytesVirustotal results 24/55 (43.64%)
2016-03-30 05:51:13759f9c1bd67c9e32529d9bd53c1e456c196'608 bytesVirustotal results 3/57 (5.26%)

Referencing malware samples: 8