Malware Botnet C&C

You are currently viewing the database entry for the malware botnet command&control server (C&C) hosted at 197.94.78.32 . You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry

IP address:	197.94.78.32
Hostname:	197-94-78-32.dyn.mweb.co.za
AS number:	AS10474
AS name:	OPTINET
Country:	ZA
First seen:	2023-04-25 11:00:58 UTC
Last online:	2023-05-13 17:xx:xx UTC

Botnet C&Cs

The table below shows all botnet C&Cs know to Feodo Tracker that are hosted on this host.

First seen (UTC)	IP address	Port	Malware	Status	Abuse complaint sent?	Last online (UTC)
2023-04-25 11:00:58	197.94.78.32	443	QakBot	Offline	Yes (2023-04-25 11:05:07 UTC)	2023-05-13 17:xx:xx

Referencing Malware Samples

The following table shows the most recent malware samples associated with malware botnet C&Cs hosted on 197.94.78.32. Please consider that the output is limited to the 500 most recent malware samples.

Time stamp (UTC)	MD5 hash	File Type	Virustotal	Malware
2023-05-04 02:36:48	db8ec43b95b4c447264aea3d1fd8bf42	dll	n/a	Quakbot
2023-05-03 21:35:04	e9e2afb0dfbe4926fb5d3ce57be66ce8	dll	46.38%	Quakbot
2023-05-03 21:32:51	05a588e059bb70d9df0e3f95ac0987d0	dll	62.32%	Quakbot
2023-04-29 19:32:22	757a42094c79f0b01bc84710dbebe26d	dll	n/a	Quakbot
2023-04-29 13:43:19	53922f16021aa2e7a7b66683ada3258e	dll	n/a	Quakbot
2023-04-27 08:40:30	adbadeec3dd9fb95f72798fb6f0c56b8	wsf	n/a	Quakbot
2023-04-26 19:38:33	aeaa30730e0064868f2bc842155bd0ab	dll	42.86%	Quakbot
2023-04-26 07:59:03	e02ab2c827a450fb1d1160ddbfbfb26d	dll	n/a	Quakbot
2023-04-26 07:49:01	1801dbd423a02b0f55a375976fdf1ec2	dll	n/a	n/a
2023-04-26 07:01:47	afbbdd085461a6ea655d583a4c7ec670	dll	n/a	n/a
2023-04-26 07:01:37	ad7ed54954493b124eb1be5987f72844	dll	n/a	Quakbot
2023-04-26 04:55:36	2fa5cd7dd4220b4e8485a8e4f547b8c9	wsf	n/a	Quakbot
2023-04-25 14:06:13	ba0981d65376c51e5892e4f77cd1593b	dll	n/a	Quakbot