Malware Botnet C&C

You are currently viewing the database entry for the malware botnet command & control server (C&C) hosted at 185.97.135.164. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


IP address: 185.97.135.164
Hostname: cust-97-135-164.static.dcc.ps
AS number: AS60268
AS name: DIGITAL-COMMUNICATION-PALESTINE-ASN Digital Communication Palestine, Backbone Services Provider
Country: PS
First seen: 2021-03-02 08:01:08 UTC
Last online: 2021-03-04 11:xx:xx UTC
Malware: TrickBot

Botnet C&Cs

The table below shows all botnet C&Cs known to Feodo Tracker that are hosted on this host.

| First seen (UTC) | IP address | Port | Malware | Status | Last online (UTC) |
|---|---|---|---|---|---|
| 2021-03-02 08:01:08 | 185.97.135.164 | 447 | TrickBot | Offline | 2021-03-04 11:xx:xx |

Referencing Malware Samples

The following table shows the most recent malware samples associated with malware botnet C&Cs hosted on 185.97.135.164. Please consider that the output is limited to the 500 most recent malware samples.
