Malware Botnet C&C

You are currently viewing the database entry for the malware botnet command&control server (C&C) hosted at 64.251.25.156 . You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry

IP address:	64.251.25.156
Hostname:	gal-quantity.upstartpen.com
AS number:	AS15083
AS name:	INFOLINK-MIA-
Country:	US
First seen:	2021-11-24 14:23:43 UTC
Last online:	2021-12-29 16:xx:xx UTC

Botnet C&Cs

The table below shows all botnet C&Cs know to Feodo Tracker that are hosted on this host.

Referencing Malware Samples

The following table shows the most recent malware samples associated with malware botnet C&Cs hosted on 64.251.25.156. Please consider that the output is limited to the 500 most recent malware samples.

Time stamp (UTC)	MD5 hash	File Type	Virustotal	Malware
2021-11-25 05:43:15	7fb5a4f21088c0e6644aee22eb9c5ac5	dll	27.27%	Dridex
2021-11-24 19:01:00	810c5b4097bc09b13f50322f814a76a1	dll	27.27%	Dridex
2021-11-24 18:52:06	a6fa2e86006a76b8f28ec150a0ad761c	dll	27.69%	Dridex
2021-11-24 18:51:50	5edc20b587b422b5fb0e6ece55948813	dll	24.19%	Dridex
2021-11-24 16:49:00	2c9a177b6a0e43042a46454f467d3aed	dll	28.79%	Dridex
2021-11-24 16:48:57	18363d169ce47cbbbc620ac11362f078	dll	41.54%	n/a
2021-11-24 16:48:44	76c9558a0cd42098b2c6e72f2264c1b0	dll	31.82%	Dridex
2021-11-24 16:48:41	2b8681f61b27637fad4a869f6919ae8c	dll	43.08%	Dridex
2021-11-24 16:48:34	edade5d8daa62a2ad259855fb0d66e61	dll	40.91%	Dridex
2021-11-24 16:47:12	85f81634f3be93b8e2d359f6e8b0fb86	dll	n/a	Dridex
2021-11-24 16:47:10	0e74eabfa1fb0f7c526ab0ea42c8738c	dll	n/a	Dridex
2021-11-24 16:19:08	5c3d6e0b50e770f9179c9e42f8425147	dll	27.27%	Dridex
2021-11-24 14:39:29	bf53b67e9ce48c1e2c1d4af02428f132	dll	28.79%	n/a
2021-11-24 14:39:21	0c25cd45058aaad04f63a57307b8fcbb	dll	30.30%	Dridex
2021-11-24 14:15:02	856ce8cc4ec2233c476e30c12bb4bc60	dll	29.23%	n/a