Locky Distribution Site :: sanalnet.org
Host Information
| Locky Distribution Site: | sanalnet.org | |
|---|---|---|
| Threat: | Distribution Site | |
| Malware: | Locky | |
| Host Status: | ||
| Blacklist check: | Spamhaus DBL: | |
| SURBL: | ||
| Domain Registar: | OnlineNIC Inc. | |
| Firstseen (UTC): | 2016-09-16 11:19:21 | |
| Lastseen (UTC): | never | |
Ransomware URLs
The table below shows all associated Ransomware URLs located on this host.
| Firstseen (UTC) | URL (?URL assocaited with this Ransomware. The leading dots (Red, Green, Grey) indicate whether the URL is active or not. Red = Online Green = Offline Grey = Unknown) | Threat | Malware |
|---|---|---|---|
| 2016-12-13 21:44:33 | http://sanalnet.org/uh2qfbywb | ||
| 2016-09-16 11:19:21 | http://sanalnet.org/astqmgt |
# of URLs: 2
Associated IP addresses
The table below shows all ip addresses (e.g. A records) associated with this Locky Distribution Site. In case the host is a domain name, the table also shows a history of previous A records if there are any.
| Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address). yes = Active A record no = Historical record) | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country |
|---|---|---|---|---|---|---|---|---|
| no | 2016-09-16 11:50:58 | 2019-02-19 07:01:08 | 188.124.5.33 | ns4.medyax.com | Not listed | AS44565 | VITAL , TR |  Turkey (TR) |
# IPs found: 1 (max. 25)
Dropped files
Latest 100 files (malware samples) dropped by this distribution site.
| Firstseen (UTC) | MD5 hash | Filesize | VT | Signature |
|---|---|---|---|---|
| 2016-12-13 22:05:13 | e3f0ca7bda0039b7ac95412fe80849df | 164'365 bytes |  3/55 (5.45%)
| n/a |
| 2016-09-16 11:48:39 | 6e15c0d1907f7014deb2f7bea3b11a2c | 343'589 bytes | 5/55 (9.09%)
| n/a |
Unique dropped files: 2