Malware Botnet C&C

You are currently viewing the database entry for the malware botnet command&control server (C&C) hosted at 36.94.113.249 . You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


IP address:36.94.113.249
Hostname:n/a
AS number:AS7713
AS name:TELKOMNET-AS-AP PT Telekomunikasi Indonesia
Country:- ID
First seen:2021-01-18 09:27:36 UTC
Last online:2021-02-17 02:xx:xx UTC
Malware:TrickBot

Botnet C&Cs

The table below shows all botnet C&Cs know to Feodo Tracker that are hosted on this host.

First seen (UTC)IP addressPortMalwareStatusLast online (UTC)
2021-01-18 09:27:3636.94.113.249447
TrickBot
Offline
2021-02-17 02:xx:xx

Referencing Malware Samples

The following table shows the most recent malware samples associated with malware botnet C&Cs hosted on 36.94.113.249. Please consider that the output is limited to the 500 most recent malware samples.

Time stamp (UTC)MD5 hashFile TypeVirustotalMalware
2021-01-22 18:02:125824707b2a687cb750f2b9234ae67e42DLL dllVirustotal results 52.17%
TrickBot
2021-01-11 21:22:41e865c90e8c85ca6628c244611925909cExecutable exen/a
TrickBot
2021-01-10 18:29:54800cf5cc5e55c8ef6e96568cdc7a1e7aExecutable exen/a
TrickBot
2021-01-08 18:37:167a4fb336f0335c782ff9c452255a9415DLL dllVirustotal results 50.00%
TrickBot
2021-01-07 19:21:281bc798c2100652638df5b6f8c950dd98Executable exen/a
TrickBot
2021-01-06 13:02:08676ed1936d5c8b2696a2718f7078f49cExecutable exen/a
TrickBot
2021-01-06 10:46:0253fbec23cfe02713e7e914c311ddd61fExecutable exen/a
TrickBot
2021-01-06 10:15:25c23916455f369cbfe2bb2e9668162ddfExecutable exen/a
TrickBot
2021-01-06 09:33:52ec84cbab0c38bbf9923ed033d46ac016Executable exen/a
TrickBot
2021-01-06 09:11:202b06a423a0f9436fcf57c6cbf10aa371Executable exen/a
TrickBot
2021-01-06 04:48:55da28853a5fb3667a83843fbbbd8c7a09Executable exen/a
TrickBot
2021-01-04 20:27:300e842bcf2f008e7a1a02bc8363186659Executable exeVirustotal results 55.71%
TrickBot