Malware Botnet C&C

You are currently viewing the database entry for the malware botnet command&control server (C&C) hosted at 1.161.104.31 . You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry

IP address:	1.161.104.31
Hostname:	1-161-104-31.dynamic-ip.hinet.net
AS number:	AS3462
AS name:	HINET Data Communication Business Group
Country:	TW
First seen:	2022-05-26 05:39:36 UTC
Last online:	2022-05-27 12:xx:xx UTC

Botnet C&Cs

The table below shows all botnet C&Cs know to Feodo Tracker that are hosted on this host.

First seen (UTC)	IP address	Port	Malware	Status	Abuse complaint sent?	Last online (UTC)
2022-05-27 01:28:56	1.161.104.31	995	QakBot	Offline	Yes (2022-05-27 01:30:04 UTC)	2022-05-27 10:xx:xx
2022-05-26 05:39:36	1.161.104.31	443	QakBot	Offline	Yes (2022-05-26 05:40:04 UTC)	2022-05-27 12:xx:xx

Referencing Malware Samples

The following table shows the most recent malware samples associated with malware botnet C&Cs hosted on 1.161.104.31. Please consider that the output is limited to the 500 most recent malware samples.

Time stamp (UTC)	MD5 hash	File Type	Virustotal	Malware
2022-05-31 00:43:11	ce299cf28f63f4b58d2a635d3a1ef3d6	dll	26.47%	Quakbot
2022-05-31 00:43:11	ce299cf28f63f4b58d2a635d3a1ef3d6	dll	26.47%	Quakbot
2022-05-30 12:10:50	4019b2191745992831063748868d1b52	dll	17.65%	n/a
2022-05-30 12:10:50	4019b2191745992831063748868d1b52	dll	17.65%	n/a
2022-05-30 10:52:19	394c240c06054ea822641dfed41dfa51	dll	n/a	Quakbot
2022-05-30 10:52:19	394c240c06054ea822641dfed41dfa51	dll	n/a	Quakbot
2022-05-30 10:38:47	80c30fe8ca55631b633a35921d9dc623	dll	n/a	n/a
2022-05-30 10:38:47	80c30fe8ca55631b633a35921d9dc623	dll	n/a	n/a
2022-05-25 13:58:35	d40e29758c3b08aeb01f1045ad60e463	dll	n/a	Quakbot
2022-05-25 13:58:20	8930a6c6ead6fb9e38c0b3095566ed39	dll	n/a	Quakbot
2022-05-25 13:58:03	797c5564c396029c25ff514cc66e1a94	dll	n/a	Quakbot