Browse Botnet C&Cs

You are currently viewing the database entry for the TrickBot botnet command&control server (C&C) 185.68.93.20. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:185.68.93.20
Hostname:saha.ju
Status:Offline
Spamhaus SBL:SBL460553
Malware:TrickBot
AS number:AS56577
AS name:ASRELINK
Country:- RU
First seen:2019-09-28 02:46:20 UTC
Last seen:2019-09-28 02:46:20 UTC
Last online:2019-09-28

Malware Samples


The table below documents all malware samples associated with this TrickBot botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2019-09-30 08:33:24aede1beaf6f09f4476b271fcb4e48ed3Virustotal results 53/69 (76.81%) 185.68.93.20447TrickBot
2019-09-30 07:40:358dd500c7f8c7ab74ae5bc085cdadd34bVirustotal results 49/69 (71.01%) 185.68.93.20447TrickBot
2019-09-28 20:17:254a8ffd005bb0fa29c63fbf7458cb4528Virustotal results 51/71 (71.83%) 185.68.93.20447TrickBot
2019-09-28 03:43:485e7d9a9fc5a92502307ab85903e15544Virustotal results 52/69 (75.36%) 185.68.93.20447TrickBot

# of malware samples: 4