Malware Botnet C&C

You are currently viewing the database entry for the malware botnet command&control server (C&C) hosted at 197.156.129.250 . You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


IP address:197.156.129.250
Hostname:chui.telkom.co.ke
AS number:AS12455
AS name:JAMBONET
Country:- KE
First seen:2021-07-31 19:58:44 UTC
Last online:2021-08-06 11:xx:xx UTC
Malware:TrickBot

Botnet C&Cs

The table below shows all botnet C&Cs know to Feodo Tracker that are hosted on this host.

First seen (UTC)IP addressPortMalwareStatusLast online (UTC)
2021-07-31 19:58:44197.156.129.250443
TrickBot
Offline
2021-08-06 11:xx:xx

Referencing Malware Samples

The following table shows the most recent malware samples associated with malware botnet C&Cs hosted on 197.156.129.250. Please consider that the output is limited to the 500 most recent malware samples.

Time stamp (UTC)MD5 hashFile TypeVirustotalMalware
2021-09-07 22:33:412f7bf982a8b45f47c645f6a172602889Executable exeVirustotal results 53.62%
TrickBot
2021-08-21 21:57:0073c1f31a84231515000975eb4c8df57bExecutable exeVirustotal results 38.57%
n/a
2021-08-08 17:57:51259adf92b3280ea15ee8642b39683a41Executable exen/a
n/a
2021-08-04 21:59:52bb0fe90e05edeb20dc267f782116ffe8DLL dllVirustotal results 37.68%
n/a
2021-08-01 23:02:58cfe46def985e296269bb83b8bd636252Executable exeVirustotal results 57.35%
TrickBot
2021-08-01 20:57:556f321ae60b3158816f7a527c44b5951aDLL dllVirustotal results 16.95%
TrickBot
2021-08-01 19:28:48e4eee4f58c7e07d21dbbc2d582b6cfb6DLL dllVirustotal results 37.68%
n/a
2021-07-31 19:06:4904fb76ed8abdcb5e93df2e4997b90102DLL dllVirustotal results 20.29%
TrickBot