Locky Distribution Site :: papercraftstyle.com
Host Information
| Locky Distribution Site: | papercraftstyle.com | |
|---|---|---|
| Threat: | Distribution Site | |
| Malware: | Locky | |
| Host Status: | ||
| Blacklist check: | Spamhaus DBL: | |
| SURBL: | ||
| Domain Registar: | ENOM, INC. | |
| Nameserver(s): | ns1.dnsnuts.com | |
| ns2.dnsnuts.com | ||
| Firstseen (UTC): | 2016-11-23 10:35:04 | |
| Lastseen (UTC): | never | |
Ransomware URLs
The table below shows all associated Ransomware URLs located on this host.
| Firstseen (UTC) | URL (?URL assocaited with this Ransomware. The leading dots (Red, Green, Grey) indicate whether the URL is active or not. Red = Online Green = Offline Grey = Unknown) | Threat | Malware |
|---|---|---|---|
| 2016-12-08 13:34:09 | http://papercraftstyle.com/hb74 | ||
| 2016-11-23 10:35:04 | http://papercraftstyle.com/988gd4 |
# of URLs: 2
Associated IP addresses
The table below shows all ip addresses (e.g. A records) associated with this Locky Distribution Site. In case the host is a domain name, the table also shows a history of previous A records if there are any.
| Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address). yes = Active A record no = Historical record) | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country |
|---|---|---|---|---|---|---|---|---|
| yes | 2018-09-23 03:00:18 | 2019-04-25 02:55:19 | 207.244.67.216 | Not listed | AS30633 | LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc.[...] |  United States (US) | |
| no | 2018-09-18 03:01:04 | 2019-04-25 02:05:14 | 64.32.8.70 | customer.sharktech.net | Not listed | AS46844 | ST-BGP - Sharktech, US | United States (US) |
| no | 2018-09-18 02:14:51 | 2019-04-19 02:56:23 | 46.166.182.112 | Not listed | AS43350 | NFORCE, NL |  Netherlands (NL) | |
| no | 2018-10-01 02:13:17 | 2019-03-12 02:56:35 | 46.166.182.113 | Not listed | AS43350 | NFORCE, NL | Netherlands (NL) | |
| no | 2018-09-24 03:01:37 | 2019-04-22 02:06:11 | 46.166.182.114 | Not listed | AS43350 | NFORCE, NL | Netherlands (NL) | |
| no | 2018-11-11 02:12:47 | 2019-04-06 02:05:21 | 46.166.182.115 | Not listed | AS43350 | NFORCE, NL | Netherlands (NL) | |
| no | 2018-10-15 02:12:50 | 2019-04-14 02:06:14 | 46.166.182.116 | Not listed | AS43350 | NFORCE, NL | Netherlands (NL) | |
| no | 2018-09-19 02:14:57 | 2019-04-22 02:55:57 | 64.32.8.67 | customer.sharktech.net | Not listed | AS46844 | ST-BGP - Sharktech, US | United States (US) |
| no | 2018-10-05 02:59:21 | 2019-04-16 02:07:29 | 64.32.8.68 | customer.sharktech.net | Not listed | AS46844 | ST-BGP - Sharktech, US | United States (US) |
| no | 2018-09-23 02:13:39 | 2019-04-18 02:06:19 | 64.32.8.69 | customer.sharktech.net | Not listed | AS46844 | ST-BGP - Sharktech, US | United States (US) |
| no | 2018-09-21 02:13:29 | 2019-04-11 02:55:54 | 46.166.182.111 | Not listed | AS43350 | NFORCE, NL | Netherlands (NL) | |
| no | 2017-05-15 01:48:05 | 2017-05-21 01:45:32 | 69.64.147.39 | ash.parking.local | Not listed | AS55002 | ENOMAS1 - eNom, Incorporated, US | United States (US) |
| no | 2017-05-11 01:45:37 | 2017-05-14 01:52:03 | 69.64.147.47 | ash.parking.local | Not listed | AS55002 | ENOMAS1 - eNom, Incorporated, US | United States (US) |
| no | 2019-03-29 02:58:43 | 2019-04-03 02:06:13 | 81.171.22.4 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) | |
| no | 2019-03-26 02:04:03 | 2019-04-23 02:07:20 | 81.171.22.5 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) | |
| no | 2019-03-28 02:56:54 | never | 81.171.22.6 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) | |
| no | 2019-03-31 02:05:17 | 2019-04-21 02:55:42 | 81.171.22.7 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) | |
| no | 2017-04-11 01:45:59 | 2017-05-10 02:02:27 | 98.124.243.38 | Not listed | AS21740 | ENOMAS1 - eNom, Incorporated, US | United States (US) | |
| no | 2017-01-25 03:00:00 | 2017-04-10 02:03:05 | 104.236.224.29 | jobqueue-listener.jobqueue.netcraft.com-ua69a790ed53b4ab483a097772d64411fu-digitalocean | Not listed | AS14061 | DIGITALOCEAN-ASN-NY3 - Digital Ocean, In[...] | United States (US) |
| no | 2018-09-29 02:15:05 | 2019-04-23 02:56:56 | 46.166.182.110 | Not listed | AS43350 | NFORCE, NL | Netherlands (NL) | |
| no | 2018-09-28 03:01:28 | 2019-04-13 02:55:34 | 46.166.182.109 | Not listed | AS43350 | NFORCE, NL | Netherlands (NL) | |
| no | 2018-09-27 03:02:53 | 2019-04-24 02:58:11 | 37.48.65.151 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) | |
| no | 2018-09-22 02:14:29 | 2019-03-23 02:04:35 | 37.48.65.150 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) | |
| no | 2018-10-02 02:13:46 | 2019-04-20 02:05:34 | 37.48.65.149 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) | |
| no | 2018-09-20 02:14:43 | 2019-04-12 02:57:14 | 37.48.65.148 | Not listed | AS60781 | LEASEWEB-NL-AMS-01 Netherlands, NL | Netherlands (NL) |
# IPs found: 25 (max. 25)
Dropped files
Latest 100 files (malware samples) dropped by this distribution site.
| Firstseen (UTC) | MD5 hash | Filesize | VT | Signature |
|---|---|---|---|---|
| 2016-12-08 16:48:12 | f02e6a4094f16c643aeb2e1510f24d40 | 172'032 bytes |  6/55 (10.91%)
| n/a |
| 2016-12-05 04:47:28 | 214edbdb68ad7c7748a3f1d181f3048c | 62'074 bytes | n/a | n/a |
| 2016-11-23 12:50:51 | a848b6d934744a8228e861d3ca6f6e5f | 262'144 bytes | 9/54 (16.67%)
| n/a |
Unique dropped files: 3