Locky Distribution Site :: karakascit.com

Host Information

Locky Distribution Site:karakascit.com
Threat:Distribution Site
Malware:Locky
URL:http://karakascit.com/kdivrdr.exe
Host Status:offline
Blacklist check:Spamhaus DBL:Not Listed
 SURBL:Not Listed
Domain Registar:Nics Telekomunikasyon Tic Ltd. Sti.
Nameserver(s):nsg1.namebrightdns.com
 nsg2.namebrightdns.com
Firstseen (UTC):2017-09-07 06:55:55
Lastseen (UTC):

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky Distribution Site. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
yes2018-12-04 05:55:262019-11-11 05:48:5223.20.239.12ec2-23-20-239-12.compute-1.amazonaws.comNot listedAS14618AMAZON-AES - Amazon.com, Inc., US- United States (US)
no2018-10-11 05:56:232018-10-31 05:57:5652.55.164.156ec2-52-55-164-156.compute-1.amazonaws.comNot listedAS14618AMAZON-AES - Amazon.com, Inc., US- United States (US)
no2018-11-15 05:54:102018-11-28 05:53:1354.208.56.179ec2-54-208-56-179.compute-1.amazonaws.comNot listedAS14618AMAZON-AES - Amazon.com, Inc., US- United States (US)
no2018-11-11 05:54:272018-12-03 05:54:3454.165.193.163ec2-54-165-193-163.compute-1.amazonaws.comNot listedAS14618AMAZON-AES - Amazon.com, Inc., US- United States (US)
no2018-10-12 05:56:442018-10-25 06:02:1754.144.21.246ec2-54-144-21-246.compute-1.amazonaws.comNot listedAS14618AMAZON-AES - Amazon.com, Inc., US- United States (US)
no2018-09-28 05:58:482018-10-10 05:53:5552.87.45.42ec2-52-87-45-42.compute-1.amazonaws.comNot listedAS14618AMAZON-AES - Amazon.com, Inc., US- United States (US)
no2018-11-01 05:58:482018-12-03 05:54:3452.86.122.241ec2-52-86-122-241.compute-1.amazonaws.comNot listedAS14618AMAZON-AES - Amazon.com, Inc., US- United States (US)
no2018-11-14 05:55:402018-11-28 05:53:1352.73.179.54ec2-52-73-179-54.compute-1.amazonaws.comNot listedAS14618AMAZON-AES - Amazon.com, Inc., US- United States (US)
no2018-09-28 05:58:472018-10-07 05:55:5952.6.46.72ec2-52-6-46-72.compute-1.amazonaws.comNot listedAS14618AMAZON-AES - Amazon.com, Inc., US- United States (US)
no2018-11-14 05:55:392018-11-15 05:54:0952.6.234.76ec2-52-6-234-76.compute-1.amazonaws.comNot listedAS14618AMAZON-AES - Amazon.com, Inc., US- United States (US)
no2017-09-07 06:56:062017-10-17 01:35:43185.12.111.126server.pamedya.comNot listedAS62054YNT, TR- Turkey (TR)
no2018-10-31 05:57:56never52.54.154.33ec2-52-54-154-33.compute-1.amazonaws.comNot listedAS14618AMAZON-AES - Amazon.com, Inc., US- United States (US)
no2018-09-28 05:58:472018-10-18 05:59:0952.5.251.20ec2-52-5-251-20.compute-1.amazonaws.comNot listedAS14618AMAZON-AES - Amazon.com, Inc., US- United States (US)
no2018-10-26 05:58:462018-10-30 05:59:4552.3.123.192ec2-52-3-123-192.compute-1.amazonaws.comNot listedAS14618AMAZON-AES - Amazon.com, Inc., US- United States (US)
no2018-10-12 05:56:442018-11-06 05:55:2052.22.89.169ec2-52-22-89-169.compute-1.amazonaws.comNot listedAS14618AMAZON-AES - Amazon.com, Inc., US- United States (US)
no2018-10-17 06:00:00never34.195.144.62ec2-34-195-144-62.compute-1.amazonaws.comNot listedAS14618AMAZON-AES - Amazon.com, Inc., US- United States (US)
no2017-09-21 04:55:282017-10-06 19:00:56185.59.30.75host-185-59-30-75.ttnetdc.comNot listedAS199366TTNETDC, TR- Turkey (TR)

# IPs found: 17 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC)MD5 hashFilesizeVTSignature
2017-09-06 18:30:08a1cb6b40b49d78103444c32f4f5c1022604'160 bytesVirustotal results 58/65 (89.23%) Locky

Unique dropped files: 1