Malware Botnet C&C

You are currently viewing the database entry for the malware botnet command&control server (C&C) hosted at 51.68.138.110 . You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry

IP address:	51.68.138.110
Hostname:	110.ip-51-68-138.eu
AS number:	AS16276
AS name:	OVH
Country:	PL
First seen:	2021-11-29 14:18:51 UTC
Last online:	2022-04-05 21:xx:xx UTC

Botnet C&Cs

The table below shows all botnet C&Cs know to Feodo Tracker that are hosted on this host.

First seen (UTC)	IP address	Port	Malware	Status	Abuse complaint sent?	Last online (UTC)
2022-01-28 18:45:35	51.68.138.110	8080	Emotet	Offline	Yes (2022-01-28 18:50:05 UTC)	2022-03-11 08:xx:xx
2021-11-29 14:18:51	51.68.138.110	443	Dridex	Offline	Yes (2021-11-29 14:30:04 UTC)	2022-04-05 21:xx:xx

Referencing Malware Samples

The following table shows the most recent malware samples associated with malware botnet C&Cs hosted on 51.68.138.110. Please consider that the output is limited to the 500 most recent malware samples.

Time stamp (UTC)	MD5 hash	File Type	Virustotal	Malware
2021-11-30 00:41:06	cf56f7caf6a6d3f2f1c14c84e9867ae8	dll	31.25%	n/a
2021-11-30 00:41:01	88094107bf878fafa120e080cd5863c1	dll	30.16%	Dridex
2021-11-30 00:40:59	07ceda8350df47b2ef9443985426a9eb	dll	31.75%	n/a
2021-11-30 00:40:56	3524315bb90e3e4c8cede2cdd476455f	dll	26.15%	n/a
2021-11-30 00:40:54	eb2128ec75ead5e755b83d5dcd2bd199	dll	26.56%	Dridex
2021-11-30 00:40:51	debdb2d0fbdf8fdc88ef398982d7ea80	dll	26.56%	Dridex
2021-11-29 14:57:21	60694813e68502d5093332b93063782c	dll	26.56%	Dridex
2021-11-29 14:47:04	e7d0399576da6b7175f50f3a2a3fc80a	dll	28.57%	Dridex
2021-11-29 14:46:56	6348e7537fa9fd52268cd945104dcc16	dll	29.23%	Dridex
2021-11-29 14:46:48	1ae2da441d713c8833643dc9cb81960f	dll	29.69%	n/a
2021-11-29 14:46:39	875854c7df98cf54a4ec7e1cadecdcad	dll	26.56%	Dridex
2021-11-29 14:11:00	0bc12ae063a010c542fee88e692f40b5	dll	26.15%	n/a