Malware Botnet C&C

You are currently viewing the database entry for the malware botnet command&control server (C&C) hosted at 154.92.19.139 . You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry

IP address:	154.92.19.139
Hostname:	n/a
AS number:	AS142403
AS name:	YISUCLOUDLTD-HK YISU CLOUD LTD
Country:	HK
First seen:	2023-10-23 10:23:11 UTC
Last online:	2023-12-08 06:xx:xx UTC

Botnet C&Cs

The table below shows all botnet C&Cs know to Feodo Tracker that are hosted on this host.

First seen (UTC)	IP address	Port	Malware	Status	Abuse complaint sent?	Last online (UTC)
2023-10-23 10:23:11	154.92.19.139	2222	Pikabot	Offline	Yes (2023-10-23 10:40:06 UTC)	2023-12-08 06:xx:xx

Referencing Malware Samples

The following table shows the most recent malware samples associated with malware botnet C&Cs hosted on 154.92.19.139. Please consider that the output is limited to the 500 most recent malware samples.

Time stamp (UTC)	MD5 hash	File Type	Virustotal	Malware
2023-11-26 21:27:27	112fa478def3c3ccb237b0a761792432	dll	50.70%	Pikabot
2023-11-26 20:57:04	f1db416ec8730b06a37c0845736afa58	dll	50.70%	Pikabot
2023-11-22 01:27:23	e85df4e02103366293a259ce2d473dbd	exe	73.61%	Pikabot
2023-11-18 04:06:39	ba6b6485a42cc2eed83b8b61ccd36e6f	exe	63.89%	Pikabot
2023-11-16 16:18:36	a12001230dd6f5ca67f7935bcfdcd650	exe	37.50%	n/a
2023-11-13 17:10:11	f61d5fb45db0f9b6073f9e77d172bba3	exe	n/a	n/a
2023-11-13 16:51:11	65b83edd2b978dd32748d95c9566fd41	exe	n/a	n/a
2023-10-29 22:10:25	04b8773d05b7a3fa14b487030ac44667	dll	10.00%	n/a
2023-10-29 22:08:30	752a9967da3473ffd0f2b3142b441463	dll	11.27%	n/a
2023-10-29 21:56:16	23dca0d2e3f5ec7b0b4feb0256385df2	dll	11.43%	n/a
2023-10-29 21:20:44	8eac117fef1824d0c86ff7c257a13421	dll	12.68%	n/a
2023-10-29 21:03:49	8bc3208b8799a2353a58f776bd7e0ace	dll	12.86%	n/a
2023-10-28 12:45:39	df78544becd976343d9135a6617b33e0	dll	n/a	n/a
2023-10-25 14:38:16	c859883a3d3889ff159a1da8a815bd49	dll	n/a	n/a