Locky Distribution Site :: thedarkpvp.net

Host Information

Locky Distribution Site: thedarkpvp.net
Threat: Distribution Site
Malware: Locky
URL: http://thedarkpvp.net/p66/uywtfgh36
Host Status: offline
Blacklist check: Spamhaus DBL: LISTED; SURBL: LISTED
Domain Registrar: Eranet International Limited
Firstseen (UTC): 2017-10-06 11:27:39
Lastseen (UTC):

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows a history of previous A records, if there are any.

The Active column indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address): yes = Active A record, no = Historical record.

Active    Firstseen (UTC)    Lastseen (UTC)    IP address    Hostname    SBL    AS number    AS name    Country

# IPs found: 25 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC)        MD5 hash                            Filesize         VT                                   Signature
2017-10-06 17:53:24    f46d2daa482ccaeffe66511471d9f5c7    591'872 bytes    Virustotal results 58/68 (85.29%)    n/a
2017-10-06 14:15:06    8b675466a4b435c474c1491101c67997    585'728 bytes    Virustotal results 21/66 (31.82%)    n/a
2017-10-06 11:32:05    f5b70adca0988e372210ba9da870a170    585'728 bytes    Virustotal results 15/65 (23.08%)    n/a

Unique dropped files: 3