Locky C2 :: ytcijiooxdtlbevrh.info

Host Information

Locky C2: ytcijiooxdtlbevrh.info
Threat: C2
Malware: Locky
URL: http://ytcijiooxdtlbevrh.info/userinfo.php
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed; SURBL: Not Listed
Domain Registrar: Dynadot, LLC
Firstseen (UTC): 2016-05-21 15:19:15
Lastseen (UTC): 2016-05-21 22:05:42

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky C2. If the host is a domain name, the table also shows a history of previous A records, if there are any.

The Active column indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address): yes = Active A record, no = Historical record.

| Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country |
|---|---|---|---|---|---|---|---|---|
| yes | 2016-05-21 19:51:40 | 2016-06-20 17:13:08 | 69.195.129.70 | | Not listed | AS19969 | JOESDATACENTER - Joe_s Datacenter, LLC, [...] | United States (US) |

# IPs found: 1 (max. 25)

Referencing malware samples

Latest 100 malware binaries referencing this Locky C2:

| Firstseen (UTC) | MD5 hash | Filesize | VT | Locky C2 URL |
|---|---|---|---|---|
| 2016-05-21 15:04:49 | dca0f778261122a58612c747de6c1677 | 154'112 bytes | Virustotal results 38/57 (66.67%) | http://ytcijiooxdtlbevrh.info/userinfo.php |
| 2016-05-21 15:01:48 | 896d920d89697cf4f8f13af78a92de55 | 154'112 bytes | Virustotal results 39/57 (68.42%) | http://ytcijiooxdtlbevrh.info/userinfo.php |
| 2016-05-21 15:01:25 | 7bf4b2beea4199d2b65d22ad1eda542c | 154'112 bytes | Virustotal results 39/57 (68.42%) | http://ytcijiooxdtlbevrh.info/userinfo.php |
| 2016-05-21 14:59:04 | 42b79c3b3a34ef61815ea70e8b69ef77 | 154'112 bytes | Virustotal results 37/57 (64.91%) | http://ytcijiooxdtlbevrh.info/userinfo.php |
| 2016-05-21 14:38:08 | 52de909a6808915df9326036b3431061 | 154'112 bytes | Virustotal results 40/57 (70.18%) | http://ytcijiooxdtlbevrh.info/userinfo.php |

Referencing malware samples: 5