Malware Botnet C&C

You are currently viewing the database entry for the malware botnet command&control server (C&C) hosted at 190.152.125.75 . You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


IP address:190.152.125.75
Hostname:75.125.152.190.static.anycast.cnt-grms.ec
AS number:AS28006
AS name:CORPORACION NACIONAL DE TELECOMUNICACIONES - CNT EP
Country:- EC
First seen:2021-12-09 06:25:02 UTC
Last online:2021-12-13 14:xx:xx UTC

Botnet C&Cs

The table below shows all botnet C&Cs know to Feodo Tracker that are hosted on this host.

First seen (UTC)IP addressPortMalwareStatusAbuse compltain sent?Last online (UTC)
2021-12-09 06:25:02190.152.125.75443
TrickBot
Offline
Yes (2021-12-09 06:30:03 UTC)2021-12-13 14:xx:xx

Referencing Malware Samples

The following table shows the most recent malware samples associated with malware botnet C&Cs hosted on 190.152.125.75. Please consider that the output is limited to the 500 most recent malware samples.

Time stamp (UTC)MD5 hashFile TypeVirustotalMalware
2021-12-30 04:46:302fa5396b2e99b0423c3b19740adf7713Executable exen/a
TrickBot
2021-12-30 04:08:4047891a7b4724cf6760c680b87371e3e1Executable exeVirustotal results 43.48%
TrickBot
2021-12-30 04:07:5612e13773472a15e86386e06cc6f847caExecutable exen/a
TrickBot
2021-12-29 16:30:467edd56cc5540e5fbf57a7d14c006ac04Executable exen/a
TrickBot
2021-12-12 04:13:416a163c9ae5eceecd05358a2b42a43b31DLL dlln/a
TrickBot
2021-12-11 03:21:4863c702aaff5c96d930c9ccc2f91bd103DLL dllVirustotal results 50.00%
TrickBot
2021-12-10 03:23:23263db7a133450dc6a89b9abcdae34e12DLL dlln/a
TrickBot
2021-12-09 05:08:040981ee5ca8245a2aa67e8b154715f007DLL dllVirustotal results 39.39%
TrickBot