Malware Botnet C&C

You are currently viewing the database entry for the malware botnet command&control server (C&C) hosted at 217.165.239.223 . You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry

IP address:	217.165.239.223
Hostname:	bba-217-165-239-223.alshamil.net.ae
AS number:	AS5384
AS name:	EMIRATES-INTERNET Emirates Internet
Country:	AE
First seen:	2023-04-25 11:00:53 UTC
Last online:	2023-04-27 14:xx:xx UTC

Botnet C&Cs

The table below shows all botnet C&Cs know to Feodo Tracker that are hosted on this host.

First seen (UTC)	IP address	Port	Malware	Status	Abuse complaint sent?	Last online (UTC)
2023-04-25 11:00:53	217.165.239.223	443	QakBot	Offline	Yes (2023-04-25 11:05:03 UTC)	2023-04-27 14:xx:xx

Referencing Malware Samples

The following table shows the most recent malware samples associated with malware botnet C&Cs hosted on 217.165.239.223. Please consider that the output is limited to the 500 most recent malware samples.

Time stamp (UTC)	MD5 hash	File Type	Virustotal	Malware
2023-05-05 02:31:20	f76a6a0ec066414917441b400a3e837d	dll	n/a	Quakbot
2023-05-03 20:55:19	04a113bf42c2de91d104f5ac8adeb79f	dll	49.28%	Quakbot
2023-04-29 01:56:19	6295170171ea48eb12be6dd17631c16c	dll	n/a	Quakbot
2023-04-28 18:21:22	896fc1755320526367ec22e76284b367	dll	45.71%	Quakbot
2023-04-28 13:44:46	3c32bc9d3d35f9764d43f02a52dd56b0	dll	n/a	Quakbot
2023-04-28 03:36:43	db419fe40bd816f6ed6e6e4c03716042	dll	n/a	Quakbot
2023-04-27 06:43:17	b0d50126f78b2a93be9a26a66204dfcf	dll	n/a	Quakbot
2023-04-27 05:31:01	3d46c255fd15db3c90c08085af455b7b	dll	45.71%	Quakbot
2023-04-26 07:01:56	99813b65f8dc4ad16c091efe9efbb095	dll	n/a	Quakbot
2023-04-26 07:01:39	8817adedd6b5c1bb1c402d5e0a9aef12	dll	n/a	Quakbot
2023-04-26 07:01:37	ad7ed54954493b124eb1be5987f72844	dll	n/a	Quakbot
2023-04-25 17:53:05	4113904ae8ac8f43a521c10a870bcb60	wsf	n/a	Quakbot
2023-04-25 16:43:14	f407bf95cd406c34b2d4c463a59faf0a	dll	n/a	Quakbot