Malware Botnet C&C

You are currently viewing the database entry for the malware botnet command&control server (C&C) hosted at 138.36.1.137 . You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry

IP address:	138.36.1.137
Hostname:	138-36-1-137.texnet.net.br
AS number:	AS264562
AS name:	TEX NET SERVICOS DE COMUNICACAO EM INFORMATICA LTD
Country:	BR
First seen:	2021-12-11 04:25:26 UTC
Last online:	2021-12-14 10:xx:xx UTC

Botnet C&Cs

The table below shows all botnet C&Cs know to Feodo Tracker that are hosted on this host.

First seen (UTC)	IP address	Port	Malware	Status	Abuse complaint sent?	Last online (UTC)
2021-12-11 04:25:26	138.36.1.137	443	TrickBot	Offline	Yes (2021-12-11 06:20:04 UTC)	2021-12-14 10:xx:xx

Referencing Malware Samples

The following table shows the most recent malware samples associated with malware botnet C&Cs hosted on 138.36.1.137. Please consider that the output is limited to the 500 most recent malware samples.

Time stamp (UTC)	MD5 hash	File Type	Virustotal	Malware
2021-12-31 05:59:16	3cc5bfb60abff27c3c0ac2bf299e4da8	exe	59.42%	TrickBot
2021-12-30 17:04:25	f9e0625f2d404261619d438859aaa561	exe	n/a	TrickBot
2021-12-29 07:40:57	ca34cd843038b520e8f281292c16dcd7	exe	n/a	TrickBot
2021-12-29 07:07:46	f7067df3be65e15dbdb89370cf4edcf0	exe	30.88%	TrickBot
2021-12-16 07:12:43	f69cc47584c04dcd45eeac00798f6c31	exe	32.35%	TrickBot
2021-12-13 03:42:49	96c6d2276fe6d5c4a1a2e28bf688a378	dll	n/a	TrickBot
2021-12-12 23:02:37	36c049a2e321f982093d48a9f05907a4	dll	n/a	TrickBot
2021-12-12 18:43:49	13dbf779e15c560cd1cfa8ac6f47e442	dll	51.56%	TrickBot
2021-12-12 06:06:06	e57e3e1a20157f490083111fa225963d	dll	n/a	TrickBot
2021-12-12 05:19:48	38fb918bc0188c6a8b45b1b7c49b25a1	dll	53.73%	TrickBot
2021-12-11 03:31:01	fadf9c8feeb82235ea958363d8c2104a	dll	49.25%	TrickBot
2021-12-11 03:15:37	8250ff21c0219cf05f57e78547820f6a	dll	48.44%	TrickBot