Locky Distribution Site :: mseriesbmw.top

Host Information

Locky Distribution Site: mseriesbmw.top
Threat: Distribution Site
Malware: Locky
URL: http://mseriesbmw.top/11.exe
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed; SURBL: LISTED
Domain Registrar: Eranet International Limited
Firstseen (UTC): 2017-02-22 14:46:47
Lastseen (UTC): never

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows a history of previous A records, if there are any.

The Active column indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address): yes = Active A record, no = Historical record.

Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country
no | 2017-02-23 18:31:17 | 2017-02-27 12:11:40 | 204.236.209.248 | ec2-204-236-209-248.compute-1.amazonaws.com | Not listed | AS14618 | AMAZON-AES - Amazon.com, Inc., US | United States (US)
no | 2017-02-27 12:13:39 | 2017-02-28 12:08:44 | 54.145.211.193 | ec2-54-145-211-193.compute-1.amazonaws.com | Not listed | AS14618 | AMAZON-AES - Amazon.com, Inc., US | United States (US)
no | 2017-02-22 14:46:47 | 2017-02-27 12:11:40 | 54.203.3.240 | ec2-54-203-3-240.us-west-2.compute.amazonaws.com | Not listed | AS16509 | AMAZON-02 - Amazon.com, Inc., US | United States (US)
no | 2017-02-22 14:48:27 | 2017-02-23 12:30:30 | 54.242.93.246 | ec2-54-242-93-246.compute-1.amazonaws.com | Not listed | AS14618 | AMAZON-AES - Amazon.com, Inc., US | United States (US)

# IPs found: 4 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Unique dropped files: 16