Malware Botnet C&C

You are currently viewing the database entry for the malware botnet command&control server (C&C) hosted at 103.253.107.155 . You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry

IP address:	103.253.107.155
Hostname:	el1.lacak-mobil.com
AS number:	AS45298
AS name:	INTERLINK-TECH-AS-ID INTERLINK TECHNOLOGY, PT
Country:	ID
First seen:	2021-08-05 13:50:54 UTC
Last online:	2022-09-20 14:xx:xx UTC

Botnet C&Cs

The table below shows all botnet C&Cs know to Feodo Tracker that are hosted on this host.

First seen (UTC)	IP address	Port	Malware	Status	Abuse complaint sent?	Last online (UTC)
2021-08-05 13:50:54	103.253.107.155	7443	Dridex	Offline	Yes (2021-11-25 15:36:26 UTC)	2022-09-20 14:xx:xx

Referencing Malware Samples

The following table shows the most recent malware samples associated with malware botnet C&Cs hosted on 103.253.107.155. Please consider that the output is limited to the 500 most recent malware samples.

Time stamp (UTC)	MD5 hash	File Type	Virustotal	Malware
2021-10-03 16:59:31	bbc52bb6af7d04011f588d8727d56ee2	exe	72.06%	n/a
2021-10-01 16:33:02	fec5bfcb8990cd4702591e517667dbfb	exe	72.06%	Dridex
2021-10-01 14:54:12	ee37115e8f9aca047d73e2dbc37705c9	exe	73.13%	Dridex
2021-10-01 14:51:27	1e440c13254c5de692f5cbb5cab87b7e	exe	72.06%	Dridex
2021-08-20 20:25:10	557ead6a46086b5f0681e956f68a7b2f	exe	75.36%	n/a
2021-08-20 20:12:40	5bad4d7224b05f0937139aea52ebc984	exe	74.29%	Dridex
2021-08-20 20:09:11	b18dd7c4385110c4c43a47fe5f4fce8b	exe	64.52%	Dridex
2021-08-20 19:59:13	7de6ce1c673e020dd8186d4196271bb3	exe	73.91%	n/a
2021-08-20 19:54:28	d266fb7be53dd0ff4f01945896d6fb7c	exe	70.00%	Dridex
2021-08-15 19:14:36	263eeb101f7b41a5f5e757be8b45950b	exe	69.12%	Dridex
2021-08-14 20:38:12	b843ce18239c119e48cc95b85d860d8a	exe	68.12%	Dridex
2021-08-05 13:30:49	a1854382172275a7816869278a64178a	exe	47.14%	Dridex