Locky C2 :: 91.200.14.73

Host Information

Locky C2: 91.200.14.73
Threat: C2
Malware: Locky
URL: http://91.200.14.73/submit.php
Host Status: offline
Firstseen (UTC): 2016-03-28 15:22:02
Lastseen (UTC): 2016-04-17 04:13:05

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky C2. If the host is a domain name, the table also shows the history of previous A records, if there are any.

Active: indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address). yes = Active A record, no = Historical record.

| Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country |
| yes | 2016-03-29 13:04:43 | 2016-05-17 13:38:52 | 91.200.14.73 | vps760.hidehost.net | Not listed | AS35804 | ALNET-AS PP SKS-Lugan, UA | Ukraine (UA) |

# IPs found: 1 (max. 25)

Referencing malware samples

Latest 100 malware binaries referencing this Locky C2:


Referencing malware samples: 14