Locky Distribution Site :: naturofind.org

Host Information

Locky Distribution Site: naturofind.org
Threat: Distribution Site
Malware: Locky
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed
 SURBL: Not Listed
Domain Registrar: Todaynic.com, Inc.
Firstseen (UTC): 2017-09-04 14:22:02
Lastseen (UTC):

Ransomware URLs

The table below shows all associated Ransomware URLs located on this host.

URL: the URL associated with this Ransomware. The leading dots (Red, Green, Grey) indicate whether the URL is active or not.

Red = Online
Green = Offline
Grey = Unknown

| Firstseen (UTC) | URL | Threat | Malware |
|---|---|---|---|
| 2017-09-05 11:02:09 | http://naturofind.org/p66/876tYU6tg8e | Distribution Site | Locky |
| 2017-09-04 14:22:02 | http://naturofind.org/p66/JIKJHgft | Distribution Site | Locky |

# of URLs: 2

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows a history of previous A records, if there are any.

Active: this row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record

Columns: Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country

# IPs found: 25 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

| Firstseen (UTC) | MD5 hash | Filesize | VT | Signature |
|---|---|---|---|---|
| 2017-09-05 11:05:28 | 869debb0e6580ac74dd321fbefb6a2ed | 617'472 bytes | Virustotal results 10/45 (22.22%) | n/a |
| 2017-09-04 15:15:29 | 2200566127e8de5c0881c7d899d3553d | 669'184 bytes | Virustotal results 16/58 (27.59%) | n/a |
| 2017-09-04 12:15:06 | 3134ff6529ef055b232452e3f29bdece | 253'440 bytes | Virustotal results 21/60 (35.00%) | # Not authorized |

Unique dropped files: 3