Locky Distribution Site :: miliaraic.ru

Host Information

Locky Distribution Site: miliaraic.ru
Threat: Distribution Site
Malware: Locky
URL: http://miliaraic.ru/p66/87thiuh3gfDGS
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed; SURBL: Not Listed
Domain Registrar: R01-RU
Firstseen (UTC): 2017-09-18 09:16:28
Lastseen (UTC):

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows a history of previous A records, if there are any.


# IPs found: 25 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC) | MD5 hash | Filesize | VT | Signature
2017-09-18 14:31:17 | cd2e485d86bd2598a8728f81a54ba774 | 649'216 bytes | Virustotal results 59/67 (88.06%) | n/a
2017-09-18 11:00:06 | 3b5698b90dd761d8a2d085859164a540 | 649'216 bytes | Virustotal results 25/64 (39.06%) | n/a
2017-09-18 08:50:15 | 20f2ca720cb4dcca9195113f258ca4ef | 630'784 bytes | Virustotal results 25/64 (39.06%) | Locky

Unique dropped files: 3