Malware Botnet C&C

You are currently viewing the database entry for the malware botnet command&control server (C&C) hosted at 159.8.59.84 . You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry

IP address:	159.8.59.84
Hostname:	54.3b.089f.ip4.static.sl-reverse.com
AS number:	AS36351
AS name:	SOFTLAYER
Country:	NL
First seen:	2021-03-31 16:14:04 UTC
Last online:	2022-07-04 21:xx:xx UTC

Botnet C&Cs

The table below shows all botnet C&Cs know to Feodo Tracker that are hosted on this host.

First seen (UTC)	IP address	Port	Malware	Status	Abuse complaint sent?	Last online (UTC)
2022-06-30 21:00:12	159.8.59.84	8080	Emotet	Offline	Yes (2022-06-30 21:05:04 UTC)	2022-07-04 21:xx:xx
2021-03-31 16:14:04	159.8.59.84	443	Dridex	Offline	No	2021-05-23 05:xx:xx

Referencing Malware Samples

The following table shows the most recent malware samples associated with malware botnet C&Cs hosted on 159.8.59.84. Please consider that the output is limited to the 500 most recent malware samples.

Time stamp (UTC)	MD5 hash	File Type	Virustotal	Malware
2022-07-05 13:54:19	c3d71f860c941fb9a4a16f5b1ebf0c34	xls	46.55%	SilentBuilder
2022-07-05 12:59:27	feaac9645ae98761594a07e3f45683d5	dll	n/a	Heodo
2022-07-05 10:39:37	344fb28627025a02c696cdddecdc3dea	dll	n/a	Heodo
2022-07-05 09:04:28	6b21809ddf73cf5f57952cd19948e0de	xls	50.00%	n/a
2022-07-05 04:53:15	65a34fa9db3c6541528445024c21f350	dll	5.97%	Heodo
2022-07-05 04:52:54	1d23fae067811bfcd0ff00d912ae1c06	dll	13.24%	Heodo
2022-07-04 13:09:55	9671261288c80e39b1770fbe859f82f3	dll	n/a	Heodo
2022-07-04 11:53:46	4c7bb5a12d49232df23175c4af2501c2	xls	n/a	n/a
2022-07-04 11:29:50	ad5a3def63a9d9af86e13ecabc73a03e	dll	n/a	Heodo
2022-07-04 10:15:24	314e9203e529e62528138da92fc85543	xls	53.45%	Heodo
2022-07-04 10:14:05	faa234ac961d743bc4fd7d4554ad6c6e	xls	n/a	SilentBuilder
2022-07-04 10:12:52	a6868a44765d931298a7be5aa1dc9dc4	xls	52.54%	n/a
2022-07-04 10:08:32	f6cde794aa4b589f33f42fb392490e0e	xls	62.71%	SilentBuilder
2022-07-04 10:07:49	a3d39f51ca2556c999febf4336744f49	xls	50.85%	SilentBuilder
2022-07-04 09:26:53	6168774000ad16464c23f520312fa5b6	xls	57.63%	SilentBuilder
2022-07-04 08:41:58	fda9b005a725d9f698e24b16c3b0eb2a	xls	n/a	SilentBuilder
2022-07-04 03:48:30	05379f18cd9bfb9f64dd9d319b5ad9f9	dll	n/a	Heodo
2022-07-02 15:43:20	9f2e06556d83664cfc5a724caada9d32	dll	n/a	Heodo
2022-07-02 12:36:51	4d0bc228c12c6365be47a6103d2d2bf2	dll	n/a	Heodo
2022-07-02 11:13:24	1520c8c3b5f274e499246dbd20bc4cf0	dll	n/a	Heodo
2022-07-02 10:59:47	fe82561a82c12aad8d2364f764ea6983	dll	n/a	Heodo
2022-07-02 10:25:21	51c934fd47873ecfac41f0a0b530ac51	dll	27.94%	Heodo
2022-07-02 09:37:15	5472500fbaf66d6cbdc54f2e16046bfd	dll	n/a	Heodo
2022-07-01 13:43:45	aa66798136619c7117527865655bdfdf	dll	n/a	Heodo
2022-07-01 12:20:32	9753bfe4e64fd4a6983d5f7e2096582d	dll	n/a	Heodo
2022-07-01 12:01:22	db0e190e5fb972f6241261a4833f2fcc	dll	n/a	Heodo
2022-07-01 10:56:06	26dbca3223d523d3dbba675e5f07b84b	dll	n/a	Heodo
2022-07-01 10:55:50	028813dd7c28f58739d3a8e75df976f6	dll	n/a	Heodo
2022-07-01 05:54:39	d6d4a64e202cdeb2f4ec1faf8ce61b78	dll	n/a	Heodo
2022-06-30 19:01:18	da0541225a406219a7ab7d1629188c1d	dll	n/a	Heodo
2022-06-30 14:03:29	7b45baa55e5448f62e1812e514da76fb	dll	n/a	Heodo
2022-06-30 13:46:55	822aae296ee92843f2dd6fed72fe2db1	dll	n/a	Heodo
2022-06-30 13:01:07	dc8ddd9624038ba84d1e64f3b1346d97	dll	n/a	Heodo
2022-06-30 12:28:42	f9768a0218731e9f2a18edaa689d118c	dll	n/a	Heodo
2022-06-30 11:53:01	225e6cb73f9bdf55f2d5eb9426b61362	dll	n/a	Heodo
2022-06-30 10:55:25	1240054b123734c811eb7b23a4eb93f0	dll	n/a	Heodo
2022-06-30 10:34:24	4506999b06c2a95d20b5cc33ba079079	dll	n/a	Heodo
2022-06-30 10:00:05	eaf4e4b2ef1952f80f77c20ddd107437	dll	n/a	Heodo
2022-06-30 09:49:32	f53b177eb876e64539b5d4c26c2b4085	dll	n/a	Heodo
2022-06-30 09:49:32	a681128126e1035963f2f9b151233713	dll	n/a	Heodo