Locky C2 :: 84.19.170.244

Host Information

Locky C2:84.19.170.244
Threat:C2
Malware:Locky
URL:http://84.19.170.244/main.php
Host Status:offline
Firstseen (UTC):2016-03-23 12:20:59
Lastseen (UTC):2016-03-26 18:09:54

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky C2. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
yes2016-03-23 12:55:562016-04-25 14:13:3784.19.170.244300gb.ruNot listedAS31103KEYWEB-AS Keyweb AG, DE- Germany (DE)

# IPs found: 1 (max. 25)

Referencing malware samples

Latest 100 malware binaries referencing this Locky C2:

Firstseen (UTC)MD5 hashFilesizeVTLocky C2 URL
2016-03-25 21:59:49524e13ef07357fbab04940481cb2b6e0204'800 bytesVirustotal results 18/56 (32.14%) http://84.19.170.244/main.php
2016-03-25 21:56:57614f3f5d74fceea2e9c1f563b40afab3167'936 bytesVirustotal results 38/58 (65.52%) http://84.19.170.244/main.php
2016-03-25 21:56:089729e5daf918b71f2b6e4dc3b3dbf6f3168'448 bytesVirustotal results 35/58 (60.34%) http://84.19.170.244/main.php
2016-03-25 21:55:40dc94259b39472a6edcdbef1236621462188'416 bytesVirustotal results 18/57 (31.58%) http://84.19.170.244/main.php
2016-03-25 08:02:54fc16bf16471b6e5ee0550366bac60475167'424 bytesVirustotal results 38/56 (67.86%) http://84.19.170.244/main.php
2016-03-25 08:02:41707ad4a9e590c53c5ec125d3c23be340167'424 bytesVirustotal results 35/57 (61.40%) http://84.19.170.244/main.php
2016-03-25 08:02:3560c7ed57a97455b7c624209df024765c168'960 bytesVirustotal results 27/57 (47.37%) http://84.19.170.244/main.php
2016-03-25 08:02:3355f6875bd70378e2f795015f68229cf8237'056 bytesVirustotal results 39/57 (68.42%) http://84.19.170.244/main.php
2016-03-25 08:02:325177b588ad21b683d2227bddd6c620b9236'544 bytesVirustotal results 39/57 (68.42%) http://84.19.170.244/main.php
2016-03-25 08:02:17048e922cce7bb7e74bef9ab1020548d4168'960 bytesVirustotal results 21/57 (36.84%) http://84.19.170.244/main.php
2016-03-24 22:35:327e6b483cb1bf5c9e4ffb9c753824194f200'704 bytesVirustotal results 30/57 (52.63%) http://84.19.170.244/main.php
2016-03-24 22:35:2540991b499ed2d169583fa8fa000fad26188'416 bytesVirustotal results 33/57 (57.89%) http://84.19.170.244/main.php
2016-03-24 22:34:311e1c683e3d965680fce2d1003193aa8e197'194 bytesVirustotal results 43/57 (75.44%) http://84.19.170.244/main.php
2016-03-24 22:32:0798ae957215f9cec1ece691d7da1587c0196'608 bytesVirustotal results 15/56 (26.79%) http://84.19.170.244/main.php
2016-03-24 22:30:2851b51e18bdb45cbf6400408a03685ba5192'512 bytesVirustotal results 32/56 (57.14%) http://84.19.170.244/main.php
2016-03-24 22:29:509d2c53abf39b2967b68329dcececd79a192'512 bytesVirustotal results 32/56 (57.14%) http://84.19.170.244/main.php
2016-03-24 22:10:09ed1a5b8ca693b4d30c723918a80d21c0123'547 bytesVirustotal results 38/56 (67.86%) http://84.19.170.244/main.php
2016-03-24 21:38:42b0aa56937d294fb3c58ef8edea35bc24167'936 bytesVirustotal results 33/55 (60.00%) http://84.19.170.244/main.php
2016-03-24 21:18:19a6a646b0f113731c06b3fa792c6e83b9168'448 bytesVirustotal results 34/57 (59.65%) http://84.19.170.244/main.php
2016-03-24 18:23:2287dfddf37622bb46f86f84b3b6efd9b1167'424 bytesVirustotal results 32/56 (57.14%) http://84.19.170.244/main.php
2016-03-24 18:08:4390f1e01f0939e9252640ca20fba29371167'424 bytesVirustotal results 13/56 (23.21%) http://84.19.170.244/main.php
2016-03-24 18:08:41895bf414503ad30b5f9104abd34e9969167'424 bytesVirustotal results 37/55 (67.27%) http://84.19.170.244/main.php
2016-03-24 18:08:3706af3457e70e544fd168f5b4d4ab84d0167'936 bytesVirustotal results 15/57 (26.32%) http://84.19.170.244/main.php
2016-03-24 18:08:36068b345ff8086a61d94e829b1a1d166e167'936 bytesVirustotal results 36/56 (64.29%) http://84.19.170.244/main.php
2016-03-24 17:58:12ccb4780e6f356aef6b86d41ddccfd254236'544 bytesVirustotal results 38/57 (66.67%) http://84.19.170.244/main.php
2016-03-24 17:58:11467429676f76e40c702427c720b52cee236'032 bytesVirustotal results 15/56 (26.79%) http://84.19.170.244/main.php
2016-03-24 17:48:2983dcdb821599a9760d1633109faf8c7f236'544 bytesVirustotal results 33/57 (57.89%) http://84.19.170.244/main.php
2016-03-24 17:48:283cb041debc5519d37e8b8a31332956d2236'544 bytesVirustotal results 39/57 (68.42%) http://84.19.170.244/main.php
2016-03-24 17:38:26c17401f3008a5026bb479bfb9b12ff69236'032 bytesVirustotal results 31/56 (55.36%) http://84.19.170.244/main.php
2016-03-24 17:38:256cb11f4066f74556dd14d27008d867b4236'544 bytesVirustotal results 39/57 (68.42%) http://84.19.170.244/main.php
2016-03-24 08:18:0321dd8a2ef43b76118136f2b23cb89664168'448 bytesVirustotal results 13/57 (22.81%) http://84.19.170.244/main.php
2016-03-24 00:06:54dc8a7fd22dcf34adeb98744d011cdf26196'608 bytesVirustotal results 9/57 (15.79%) http://84.19.170.244/main.php
2016-03-23 21:46:36acade3d938accde7ef03c2dcfa9e9713200'704 bytesVirustotal results 34/56 (60.71%) http://84.19.170.244/main.php
2016-03-23 21:44:59808a8eac400c6abf49d352ae1d944c2a184'320 bytesVirustotal results 35/57 (61.40%) http://84.19.170.244/main.php
2016-03-23 21:43:31d63567efea9b2014a58261f1dfdc4d77180'224 bytesVirustotal results 7/57 (12.28%) http://84.19.170.244/main.php
2016-03-23 21:42:48b4ee7075339fade759a9d5f7cc48b15e236'032 bytesVirustotal results 16/56 (28.57%) http://84.19.170.244/main.php
2016-03-23 21:27:45330644502a6581d17c658ae518723843236'032 bytesVirustotal results 37/57 (64.91%) http://84.19.170.244/main.php
2016-03-23 21:26:14e9b373ad5121f58b5378185f72423cd1168'448 bytesVirustotal results 26/56 (46.43%) http://84.19.170.244/main.php
2016-03-23 21:23:50d481dfead2946fe8a60a02128ca45945109'297 bytesVirustotal results 34/57 (59.65%) http://84.19.170.244/main.php
2016-03-23 15:00:03120cb5a0c38b9c0899fd97fca60c3e3c168'448 bytesVirustotal results 6/57 (10.53%) http://84.19.170.244/main.php
2016-03-23 13:34:025ee9739aefbea668149c2f6ea18d1cf0168'448 bytesVirustotal results 3/56 (5.36%) http://84.19.170.244/main.php
2016-03-23 10:39:03cb9de0627dbf56491cc967d37dc09ec2184'320 bytesVirustotal results 20/57 (35.09%) http://84.19.170.244/main.php
2016-03-23 10:19:43f417b107339b79a49e4e63e116e84a32196'608 bytesVirustotal results 33/58 (56.90%) http://84.19.170.244/main.php
2016-03-22 13:29:39196893382e49b4d51d1ec82e3fa4a9c0196'608 bytesVirustotal results 4/56 (7.14%) http://84.19.170.244/main.php
2016-03-22 06:33:0022660fe1a9ce6dc15dd9e9b2f9465a39204'800 bytesn/ahttp://84.19.170.244/main.php

Referencing malware samples: 45