Locky Distribution Site :: mrscrowe.net

Host Information

Locky Distribution Site: mrscrowe.net
Threat: Distribution Site
Malware: Locky
URL: http://mrscrowe.net/p66/9hgfdfyr6
Host Status: online
Blacklist check: Spamhaus DBL: LISTED
 SURBL: LISTED
Domain Registrar: Eranet International Limited
Firstseen (UTC): 2017-10-05 17:59:01
Lastseen (UTC):

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows the history of previous A records, if there are any.

Columns: Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country

The Active column indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address): yes = active A record, no = historical record.

# IPs found: 25 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC) | MD5 hash | Filesize | VT | Signature
2017-10-05 20:15:09 | 86927f4d92665747679ab72a9be87b05 | 593'920 bytes | Virustotal results 60/68 (88.24%) | n/a
2017-10-05 18:00:08 | 8f06d86848d535abe456d7769c072633 | 593'920 bytes | Virustotal results 21/66 (31.82%) | n/a

Unique dropped files: 2