Locky C2 :: acjhwpdjhlhbncf.click

Host Information

Locky C2: acjhwpdjhlhbncf.click
Threat: C2
Malware: Locky
URL: http://acjhwpdjhlhbncf.click/main.php
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed; SURBL: Not Listed
Domain Registrar: NAMECHEAP
Firstseen (UTC): 2016-10-29 00:35:22
Lastseen (UTC): 2016-10-29 03:04:01

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky C2. If the host is a domain name, the table also shows the history of previous A records, if there are any.

The Active column indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address): yes = Active A record, no = Historical record.

| Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country |
|---|---|---|---|---|---|---|---|---|
| yes | 2016-10-29 06:22:50 | 2016-11-28 12:24:42 | 208.100.26.234 | ip234.208-100-26.static.steadfastdns.net | Not listed | AS32748 | STEADFAST - Steadfast, US | United States (US) |

# IPs found: 1 (max. 25)

Referencing malware samples

Latest 100 malware binaries referencing this Locky C2:

| Firstseen (UTC) | MD5 hash | Filesize | VT | Locky C2 URL |
|---|---|---|---|---|
| 2016-10-28 22:20:25 | 817bdff5160b031437914a804df3a6c5 | 138'123 bytes | Virustotal results 28/57 (49.12%) | http://acjhwpdjhlhbncf.click/main.php |
| 2016-10-28 21:58:37 | 55db6ac6cc6536951df83a24873c259c | 138'099 bytes | Virustotal results 28/57 (49.12%) | http://acjhwpdjhlhbncf.click/main.php |

Referencing malware samples: 2