CryptoWall C2 :: www.hanecaklaw.com

Host Information

CryptoWall C2:www.hanecaklaw.com
Threat:C2
Malware:CryptoWall
URL:http://www.hanecaklaw.com/
Host Status:online
Blacklist check:Spamhaus DBL:Not Listed
 SURBL:Not Listed
Domain Registar:GoDaddy.com, LLC
Firstseen (UTC):2017-09-08 17:25:29
Lastseen (UTC):2018-01-20 15:34:36

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this CryptoWall C2. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
yes2018-02-06 07:30:402018-02-19 23:30:53192.185.193.212uplander.websitewelcome.comNot listedAS20013CYRUSONE - CyrusOne LLC, US- United States (US)

# IPs found: 1 (max. 25)

Referencing malware samples

Latest 100 malware binaries referencing this CryptoWall C2:

Firstseen (UTC)MD5 hashFilesizeVTCryptoWall C2 URL
2018-01-19 10:03:349edebbc70ca94269eb4d54e48471fe13247'010 bytesVirustotal results 52/66 (78.79%) http://www.hanecaklaw.com/
2017-09-07 07:40:136c31e217d2e418fc6b29c8f494e876ec285'761 bytesVirustotal results 54/65 (83.08%) http://www.hanecaklaw.com/

Referencing malware samples: 2