Malware Botnet C&C

You are currently viewing the database entry for the malware botnet command&control server (C&C) hosted at 31.13.195.145 . You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry

IP address:	31.13.195.145
Hostname:	n/a
AS number:	AS34224
AS name:	NETERRA-AS
Country:	BG
First seen:	2021-11-20 15:33:56 UTC
Last online:	2021-12-05 11:xx:xx UTC

Botnet C&Cs

The table below shows all botnet C&Cs know to Feodo Tracker that are hosted on this host.

First seen (UTC)	IP address	Port	Malware	Status	Abuse complaint sent?	Last online (UTC)
2021-11-20 15:33:56	31.13.195.145	443	BazarLoader	Offline	Yes (2021-11-25 15:43:11 UTC)	2021-12-05 11:xx:xx

Referencing Malware Samples

The following table shows the most recent malware samples associated with malware botnet C&Cs hosted on 31.13.195.145. Please consider that the output is limited to the 500 most recent malware samples.

Time stamp (UTC)	MD5 hash	File Type	Virustotal	Malware
2021-11-09 22:13:24	0357e41caab20be24e3397c9b7f59d65	dll	38.24%	BazaLoader
2021-11-05 19:19:28	96f40d4890477fcdacc6290994f7da88	dll	22.06%	BazaLoader
2021-11-05 16:18:07	939b5236d3a4ccd9cff1687756fd03fe	exe	n/a	RedLineStealer
2021-11-04 21:00:43	200641c3a6d4e0895c70d1784549cecc	dll	5.17%	BazaLoader
2021-11-04 18:45:14	205ab48767501c014875ecd590be1920	dll	n/a	BazaLoader
2021-11-04 17:20:04	8d9d5c76b4b3922d99b8ec818341e88a	dll	n/a	BazaLoader
2021-11-04 17:09:49	8425bfbf5201bc809a07e71baac38619	dll	n/a	BazaLoader
2021-11-03 20:24:05	c1b1e1ae7130a526a5ef421a9d83b2c6	dll	n/a	BazaLoader
2021-11-03 19:56:53	7952c0ed29cc9b8b9abf84da10a715b8	dll	4.55%	BazaLoader
2021-11-03 19:06:52	5d2f6dfd598aafed069602d1a81ef545	dll	n/a	BazaLoader
2021-11-03 18:49:44	3b569f7ad1a497a7ced22d2884399115	dll	n/a	BazaLoader
2021-11-03 18:07:30	96e0faebeea359eb91f0d33fb319699d	dll	n/a	BazaLoader
2021-11-03 17:52:31	454b95ce3f75bd9069b74c0294f6b1a2	dll	n/a	BazaLoader