Browse Botnet C&Cs

You are currently viewing the database entry for the TrickBot botnet command&control server (C&C) 198.12.71.138. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:198.12.71.138
Hostname:198-12-71-138-host.colocrossing.com
Status:Offline
Spamhaus SBL:SBL453587
Malware:TrickBot
AS number:AS36352
AS name:AS-COLOCROSSING - ColoCrossing
Country:- US
First seen:2019-07-09 05:59:09 UTC
Last seen:2019-07-09 12:27:44 UTC
Last online:2019-07-09

Malware Samples


The table below documents all malware samples associated with this TrickBot botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2019-07-09 15:38:05564c7f0213e888fb555863707e314ec0Virustotal results 27/70 (38.57%) 198.12.71.138447TrickBot
2019-07-09 12:39:3969d8cb947525bb8568eb3cde8b6b19e7Virustotal results 35/69 (50.72%) 198.12.71.138447TrickBot
2019-07-09 10:21:2524ae014e5897649c930e7486a368424dVirustotal results 35/70 (50.00%) 198.12.71.138447TrickBot
2019-07-09 08:09:289ebb26c99acf99191142ee7886015738Virustotal results 33/71 (46.48%) 198.12.71.138447TrickBot
2019-07-09 08:09:289ebb26c99acf99191142ee7886015738Virustotal results 33/71 (46.48%) 198.12.71.138447TrickBot
2019-07-09 06:33:28aeb10cd1cd6f61b4b7fd093533d17e91Virustotal results 52/71 (73.24%) 198.12.71.138447TrickBot
2019-07-09 06:18:355f60a041d7c5aff58cb65cf8cb398102Virustotal results 35/72 (48.61%) 198.12.71.138447Dyre

# of malware samples: 7