Malware Botnet C&C

You are currently viewing the database entry for the malware botnet command&control server (C&C) hosted at 59.21.235.119 . You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry

IP address:	59.21.235.119
Hostname:	n/a
AS number:	AS4766
AS name:	KIXS-AS-KR Korea Telecom
Country:	KR
First seen:	2021-01-21 10:02:58 UTC
Last online:	2021-01-26 08:xx:xx UTC
Malware:	Emotet

Botnet C&Cs

The table below shows all botnet C&Cs know to Feodo Tracker that are hosted on this host.

First seen (UTC)	IP address	Port	Malware	Status	Last online (UTC)
2021-01-21 10:02:58	59.21.235.119	80	Emotet	Offline	2021-01-26 08:xx:xx

Referencing Malware Samples

The following table shows the most recent malware samples associated with malware botnet C&Cs hosted on 59.21.235.119. Please consider that the output is limited to the 500 most recent malware samples.

Time stamp (UTC)	MD5 hash	File Type	Virustotal	Malware
2021-01-19 17:53:09	90559ee39dde77d5c24e10c0ca421e3d	dll	57.97%	Heodo
2021-01-16 20:33:57	1d9343a3950e060a15fe51b159a16a3e	dll	60.00%	Heodo
2021-01-16 20:18:22	c0792a6e1bc76254c5383827b5b43a4f	dll	57.97%	Heodo
2021-01-11 21:15:44	445e79553d5c2af5212772f5f94edc2b	dll	70.00%	Heodo
2021-01-10 18:29:15	030536214ff2410b7a046729bb833738	dll	72.73%	Heodo
2021-01-09 17:20:05	b1129ac56b0f679bbb2b93d4db349d44	dll	55.22%	Heodo
2021-01-08 16:49:00	d5bde20a25e110d4d882f2c39b78eef5	dll	n/a	Heodo
2021-01-08 16:44:55	c4086f002e78e93af7fcb3c572d76c5b	dll	43.48%	Heodo
2021-01-07 19:36:18	46e4b14f43efc08fab326e233e6bda39	dll	66.67%	Heodo
2021-01-07 19:16:26	dc31a25e0702a3b9451141e15456506d	dll	71.43%	Heodo
2021-01-07 19:15:06	eb367c375b0ba6e87bddecc79213db91	dll	63.77%	Heodo
2021-01-04 18:24:02	958eb4153c184621cc3a80c6352003c5	dll	n/a	Heodo
2021-01-03 19:36:57	e54345925d33cab59cc4bde4ad89bd71	dll	52.17%	Heodo
2021-01-01 17:18:18	ffc7bfaa7c851d84479c2119fdd4d83d	dll	60.00%	Heodo