CryptoWall C2 :: www.chemes.eu

Host Information

CryptoWall C2: www.chemes.eu
Threat: C2
Malware: CryptoWall
URL: http://www.chemes.eu/wp-content/themes/decoy2/redux-framework/ReduxCore/inc/fields/info/2.php
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed; SURBL: Not Listed
Domain Registrar: Agnat Sp. z o.o.
Firstseen (UTC): 2017-02-17 20:03:15
Lastseen (UTC): never

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this CryptoWall C2. If the host is a domain name, the table also shows the history of previous A records, if there are any.

The Active column indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address): yes = Active A record, no = Historical record.

| Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| yes | 2017-02-18 07:51:14 | 2017-03-19 11:21:24 | 193.239.44.116 | | Not listed | AS5588 | GTSCE GTS Central Europe / Antel Germany[...] | Poland (PL) |

# IPs found: 1 (max. 25)

Referencing malware samples

Latest 100 malware binaries referencing this CryptoWall C2:

| Firstseen (UTC) | MD5 hash | Filesize | VT | CryptoWall C2 URL |
| --- | --- | --- | --- | --- |
| 2017-02-16 07:58:04 | 74d07e70a5ffb49c7bcc418bf87b7d07 | 314'368 bytes | Virustotal results 43/57 (75.44%) | http://www.chemes.eu/wp-content/themes/decoy2/redux-framework/ReduxCore/inc/fields/info/2.php |

Referencing malware samples: 1