Locky C2 :: 91.226.92.204

Host Information

Locky C2:91.226.92.204
Threat:C2
Malware:Locky
URL:http://91.226.92.204/checkupdate
Host Status:offline
Firstseen (UTC):2018-08-09 16:50:50
Lastseen (UTC):2018-08-11 03:26:56

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky C2. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
yes2018-08-09 16:52:422018-09-10 23:58:0891.226.92.204204.92.226.91.sibhoster.ruNot listedAS12389ROSTELECOM-AS, RU- Russian Federation (RU)

# IPs found: 1 (max. 25)

Referencing malware samples

Latest 100 malware binaries referencing this Locky C2:

Firstseen (UTC)MD5 hashFilesizeVTLocky C2 URL
2018-08-08 17:37:20bf3f475330bba1aa196588b84a7f987c322'048 bytesVirustotal results 18/68 (26.47%) http://91.226.92.204/checkupdate
2018-08-08 17:21:36b09ceca9d49bf03e4dc5b6869d9dead6233'472 bytesVirustotal results 17/66 (25.76%) http://91.226.92.204/checkupdate
2018-08-08 17:19:19af638f63aeea2b54dc6ac36875758c41214'016 bytesVirustotal results 47/68 (69.12%) http://91.226.92.204/checkupdate
2018-08-08 17:10:31ac63dd86f7646c0f09103a7a51d9e12c535'552 bytesVirustotal results 18/68 (26.47%) http://91.226.92.204/checkupdate
2018-08-08 17:09:38abf56f8ae3d23a58f84a102a82da75e4215'040 bytesVirustotal results 51/68 (75.00%) http://91.226.92.204/checkupdate

Referencing malware samples: 5