Locky C2 :: 88.198.119.177

Host Information

Locky C2:88.198.119.177
Threat:C2
Malware:Locky
URL:http://88.198.119.177/submit.php
Host Status:offline
Firstseen (UTC):2016-03-31 23:21:06
Lastseen (UTC):2016-04-04 19:28:59

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky C2. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
yes2016-04-01 07:16:102016-05-04 15:28:0888.198.119.177static.88-198-119-177.clients.your-server.deNot listedAS24940HETZNER-AS Hetzner Online GmbH, DE- Germany (DE)

# IPs found: 1 (max. 25)

Referencing malware samples

Latest 100 malware binaries referencing this Locky C2:

Firstseen (UTC)MD5 hashFilesizeVTLocky C2 URL
2016-04-04 11:01:16e555e71b31202a36ce4fe1a0eb2dbd05208'896 bytesVirustotal results 2/55 (3.64%) http://88.198.119.177/submit.php
2016-04-03 20:44:060ea6695de67c83d9e1a6051f644dc479212'992 bytesVirustotal results 11/57 (19.30%) http://88.198.119.177/submit.php
2016-04-03 20:42:1844b4ea8c8db692515bff77ce4e93b4af200'704 bytesVirustotal results 21/56 (37.50%) http://88.198.119.177/submit.php
2016-04-03 20:40:36a46940ac1c66726ef9128365716db30f200'704 bytesVirustotal results 4/57 (7.02%) http://88.198.119.177/submit.php
2016-04-03 08:59:290e223d578eaddec361498591ec8c1a19161'279 bytesVirustotal results 13/55 (23.64%) http://88.198.119.177/submit.php
2016-04-02 14:47:17263659d18af0d44dfd9288eddf3acf35204'800 bytesVirustotal results 32/57 (56.14%) http://88.198.119.177/submit.php
2016-04-02 14:43:243bbe188f3cfe4a013a0c0050b1e500aa200'704 bytesVirustotal results 4/56 (7.14%) http://88.198.119.177/submit.php
2016-04-02 10:43:110b89ef4b18521e98d6158423a5a9300a854'054 bytesVirustotal results 8/57 (14.04%) http://88.198.119.177/submit.php
2016-04-02 07:14:39a5eef169b6e594c25ab4b2dc1907cf1a168'960 bytesVirustotal results 7/56 (12.50%) http://88.198.119.177/submit.php
2016-04-02 07:14:012a2c51366acadf44afc6a967841e8cc9168'448 bytesVirustotal results 15/56 (26.79%) http://88.198.119.177/submit.php
2016-04-01 14:27:52ebffe6161177e8040d16a19c5ea1d13c168'960 bytesVirustotal results 6/57 (10.53%) http://88.198.119.177/submit.php
2016-04-01 14:27:4588d7d2082fc9d40354a39d5b2dc9d8da168'448 bytesVirustotal results 6/57 (10.53%) http://88.198.119.177/submit.php
2016-04-01 14:27:4271c7fbf2f0c929f7c027e05aeb8f250b168'960 bytesVirustotal results 9/55 (16.36%) http://88.198.119.177/submit.php
2016-04-01 14:27:385032396aa8b560c568dae54f8829dd74168'448 bytesVirustotal results 34/57 (59.65%) http://88.198.119.177/submit.php
2016-04-01 06:01:393695be34f6aea05daaa9cef74e7a5d7f204'800 bytesVirustotal results 5/56 (8.93%) http://88.198.119.177/submit.php
2016-03-31 14:21:22a933268d9a921acc6d1de4dd80966432204'800 bytesVirustotal results 4/56 (7.14%) http://88.198.119.177/submit.php

Referencing malware samples: 16