Malware Botnet C&C

You are currently viewing the database entry for the malware botnet command&control server (C&C) hosted at 154.79.252.132 . You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry

IP address:	154.79.252.132
Hostname:	132-252-79-154.r.airtelkenya.com
AS number:	AS36926
AS name:	CKL1-ASN
Country:	KE
First seen:	2021-02-22 23:30:54 UTC
Last online:	2021-03-10 06:xx:xx UTC
Malware:	TrickBot

Botnet C&Cs

The table below shows all botnet C&Cs know to Feodo Tracker that are hosted on this host.

First seen (UTC)	IP address	Port	Malware	Status	Last online (UTC)
2021-02-22 23:30:54	154.79.252.132	449	TrickBot	Offline	2021-03-10 06:xx:xx

Referencing Malware Samples

The following table shows the most recent malware samples associated with malware botnet C&Cs hosted on 154.79.252.132. Please consider that the output is limited to the 500 most recent malware samples.

Time stamp (UTC)	MD5 hash	File Type	Virustotal	Malware
2021-04-19 20:12:04	2bd58b71e9b404ffef1aa85c47f83345	exe	66.67%	TrickBot
2021-03-15 21:50:12	8a9e09d3073c9ed73b9157cf8d807a4f	exe	n/a	n/a
2021-03-14 19:45:47	51862e070129cc8c1a8dc860b9a49e37	exe	34.78%	TrickBot
2021-03-13 20:23:27	167de3013d1bb5def0742d8a8faa2777	exe	42.86%	TrickBot
2021-03-11 19:07:53	77529952ede7e7a1eb03ff26ad5a31d9	xls	n/a	TrickBot
2021-03-09 20:16:48	13ed849d7aaadb003b3d15a930d92e0a	exe	23.94%	TrickBot
2021-03-08 21:49:50	a35b4e9be9b21940b4bf3e4f1cb817f5	exe	57.75%	n/a
2021-03-07 21:19:57	d2d932a582c92382e1b64f7a5ecbe9ca	exe	n/a	n/a
2021-03-07 21:16:20	28ac61f21abb5497ca868bf4cd14762c	exe	63.38%	TrickBot
2021-03-05 20:13:10	30ac0b11e9c53a22876793fe2fd7d4c9	exe	72.86%	TrickBot
2021-03-03 22:42:13	a4cf58c502cf68dd04baf35dc5930395	exe	85.92%	TrickBot
2021-02-26 00:10:42	a1df4629502f1bf758fc9c5f16cfc51b	exe	64.62%	TrickBot
2021-02-23 20:06:15	884dab96c679194fc5140322d5ce9e9d	dll	20.29%	TrickBot
2021-02-22 20:57:17	864a00cc7f1d5104f9986addbcc4deaa	exe	n/a	TrickBot