Locky Distribution Site :: erdssw.net

Host Information

Locky Distribution Site: erdssw.net
Threat: Distribution Site
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed; SURBL: Not Listed
Domain Registrar: DOMAIN.COM, LLC
Firstseen (UTC): 2016-11-04 06:38:50
Lastseen (UTC): never

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows a history of previous A records, if there are any.

The Active column indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record

Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country
yes | 2018-09-07 06:52:05 | 2019-05-24 06:42:43 | 107.151.73.237 | | Not listed | AS132839 | POWERLINE-AS-AP POWER LINE (HK) CO., LIM[...] | United States (US)
no | 2018-09-02 06:53:57 | 2018-09-06 06:49:38 | 107.151.73.243 | | Not listed | AS132839 | POWERLINE-AS-AP POWER LINE (HK) CO., LIM[...] | United States (US)
no | 2016-11-04 07:14:27 | 2017-03-12 01:29:22 | 113.10.202.114 | | Not listed | AS17444 | NWT-AS-AP AS number for New World Teleph[...] | Hong Kong (HK)
no | 2018-09-07 06:52:04 | never | 160.124.37.245 | | Not listed | AS132839 | POWERLINE-AS-AP POWER LINE (HK) CO., LIM[...] | South Africa (ZA)
no | 2018-05-26 01:49:30 | never | 208.91.197.27 | | Not listed | AS40034 | CONFLUENCE-NETWORK-INC - Confluence Netw[...] | United States (US)
no | 2017-03-13 01:31:43 | 2017-04-21 01:31:45 | 69.172.201.153 | | Not listed | AS19324 | DOSARREST - Dosarrest Internet Security [...] | United States (US)

# IPs found: 6 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC) | MD5 hash | Filesize | VT | Signature
2016-11-25 07:17:43 | 5bfbd7418f213999ca432a805c59017a | 17'000 bytes | n/a | n/a
2016-11-04 07:04:31 | f773e14ee1b70fd7d459bc77c71b4359 | 303'104 bytes | Virustotal results 57/66 (86.36%) | # Not authorized

Unique dropped files: 2