Locky Distribution Site :: tealfortera.org

Host Information

Locky Distribution Site: tealfortera.org
Threat: Distribution Site
Malware: Locky
URL: http://tealfortera.org/RTgyfdred5.exe
Host Status: offline
Blacklist check: Spamhaus DBL: LISTED
 SURBL: LISTED
Domain Registrar: Todaynic.com, Inc.
Firstseen (UTC): 2017-09-06 12:30:14
Lastseen (UTC):

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows a history of previous A records, if there are any.

Columns: Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country

Active: This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).
yes = Active A record
no = Historical record

# IPs found: 25 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC) | MD5 hash | Filesize | VT | Signature
2017-09-06 12:30:23 | c8be3a7e91cfa426531935853823e4ba | 604'160 bytes | Virustotal results 49/65 (75.38%) | Locky

Unique dropped files: 1