Malware Botnet C&C

You are currently viewing the database entry for the malware botnet command&control server (C&C) hosted at 81.240.235.122 . You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry

IP address:81.240.235.122
Hostname:122.235-240-81.adsl-dyn.isp.belgacom.be
AS number:AS5432
AS name:PROXIMUS-ISP-AS
Country:- BE
First seen:2023-05-04 08:25:45 UTC
Last online:2023-05-31 07:xx:xx UTC

Botnet C&Cs

The table below shows all botnet C&Cs know to Feodo Tracker that are hosted on this host.

First seen (UTC)IP addressPortMalwareStatusAbuse complaint sent?Last online (UTC)
2023-05-04 08:25:4581.240.235.1222222
QakBot
Offline
 Yes (2023-05-04 08:30:03 UTC)2023-05-31 07:xx:xx

Referencing Malware Samples

The following table shows the most recent malware samples associated with malware botnet C&Cs hosted on 81.240.235.122. Please consider that the output is limited to the 500 most recent malware samples.

Time stamp (UTC)MD5 hashFile TypeVirustotalMalware
2023-05-04 09:16:120922263aca1540f529b7db140ffaf931DLL dlln/a
Quakbot
2023-05-04 07:30:02b29ad453682855ff22a6b80f52b65958DLL dlln/a
n/a
2023-05-04 07:11:16c18ce07d35b0004df72a3869982f3f68DLL dlln/a
Quakbot
2023-05-04 06:31:31ef7c39c3f1dd91d41c6c35b0e6ede7a4DLL dlln/a
Quakbot
2023-05-04 02:40:404b5de0454d4be6897f41d2a361bd0777DLL dlln/a
Quakbot
2023-05-04 00:52:505aafa9eb25c992f19a23e660b3f6b2c0DLL dlln/a
Quakbot
2023-05-04 00:36:32980b06d6bd6b85d2f85ffefddfe82e66DLL dlln/a
Quakbot
2023-05-03 23:19:5229bcf8d1c999d0e2357bbc5cc7fbebaaDLL dlln/a
Quakbot
2023-05-03 22:37:107fcdb300b4bcfe38096efe1d1b799490DLL dlln/a
Quakbot
2023-05-03 21:36:27f03cf1b7f811bdda0f126005b463b7c9DLL dllVirustotal results 10.14%
Quakbot
2023-05-03 21:02:14a59d320970d28fd6fc0688a0ac1e3207DLL dllVirustotal results 10.14%
Quakbot
2023-05-03 21:02:0465efe471f4195d3115e5e2084fd910d5DLL dllVirustotal results 7.25%
Quakbot