Malware Botnet C&C

You are currently viewing the database entry for the malware botnet command&control server (C&C) hosted at 181.112.157.42 . You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry

IP address:	181.112.157.42
Hostname:	42.157.112.181.static.anycast.cnt-grms.ec
AS number:	AS28006
AS name:	CORPORACION NACIONAL DE TELECOMUNICACIONES - CNT EP
Country:	EC
First seen:	2021-06-18 08:56:49 UTC
Last online:	2021-10-25 13:xx:xx UTC

Botnet C&Cs

The table below shows all botnet C&Cs know to Feodo Tracker that are hosted on this host.

First seen (UTC)	IP address	Port	Malware	Status	Abuse complaint sent?	Last online (UTC)
2021-06-18 08:56:49	181.112.157.42	443	TrickBot	Offline	No	2021-10-25 13:xx:xx

Referencing Malware Samples

The following table shows the most recent malware samples associated with malware botnet C&Cs hosted on 181.112.157.42. Please consider that the output is limited to the 500 most recent malware samples.

Time stamp (UTC)	MD5 hash	File Type	Virustotal	Malware
2021-07-24 06:47:03	9d3986e11d086795c0f0ee294ecb0b7f	exe	n/a	TrickBot
2021-07-24 06:04:40	c801853ca93819bfbbe306033c769176	exe	18.57%	TrickBot
2021-07-22 11:42:18	4b15905cd1a709ef7198ad2907e3dcff	dll	37.68%	TrickBot
2021-07-20 19:44:48	f14377c4a8b88c4b57c6a307cf8a871a	dll	n/a	n/a
2021-07-20 15:56:32	9c1b652242e974a4a35b2a64a036301b	dll	n/a	TrickBot
2021-07-20 15:55:19	9d3883fbd7070b814c734ae913457bcb	js	n/a	n/a
2021-07-20 15:53:52	c2867bcd5dac646c34d132b37043b9e9	dll	n/a	n/a
2021-07-16 13:45:37	dc7c3dc249914fff1eec75e3955c08ab	dll	n/a	TrickBot
2021-07-14 12:35:16	5d94f16432ed065de63b276ba871033d	js	n/a	n/a
2021-07-05 23:13:25	71a6d2f09d0f156d18f9ee0c2bd3f39b	dll	n/a	n/a
2021-07-04 08:00:27	eb6c7ac6bfd04b30e7f08d56696679eb	dll	27.54%	n/a
2021-07-04 06:18:40	aad8f77161e900395f1e144c2726bdce	dll	26.47%	n/a