Locky Distribution Site :: zionbrand.su

Host Information

Locky Distribution Site: zionbrand.su
Threat: Distribution Site
Malware: Locky
URL: http://zionbrand.su/p66/JGHldb03m
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed
                 SURBL: Not Listed
Domain Registrar: REGRU-SU
Firstseen (UTC): 2017-09-19 10:24:08
Lastseen (UTC):

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows a history of previous A records, if there are any.


# IPs found: 25 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC)      | MD5 hash                         | Filesize      | VT                                | Signature
2017-09-19 13:33:06  | b2c03024ad43a1829c7c3384866de8e6 | 655'872 bytes | Virustotal results 62/68 (91.18%) | n/a
2017-09-19 11:00:06  | 43e9190f8f18e52dc361f775cc02b2ce | 660'480 bytes | Virustotal results 20/64 (31.25%) | n/a
2017-09-19 10:26:39  | bab4aa0cb4904865dc247c8e78fd0eca | 660'480 bytes | Virustotal results 19/64 (29.69%) | n/a

Unique dropped files: 3