Malware Botnet C&C

You are currently viewing the database entry for the malware botnet command&control server (C&C) hosted at 85.175.171.246 . You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry

IP address:	85.175.171.246
Hostname:	n/a
AS number:	AS25490
AS name:	STC-AS
Country:	RU
First seen:	2021-03-24 10:17:13 UTC
Last online:	2021-06-21 16:xx:xx UTC

Botnet C&Cs

The table below shows all botnet C&Cs know to Feodo Tracker that are hosted on this host.

First seen (UTC)	IP address	Port	Malware	Status	Abuse complaint sent?	Last online (UTC)
2021-05-27 21:39:59	85.175.171.246	443	TrickBot	Offline	No	2021-06-21 16:xx:xx
2021-03-24 10:17:13	85.175.171.246	447	TrickBot	Offline	No	2021-04-07 04:xx:xx

Referencing Malware Samples

The following table shows the most recent malware samples associated with malware botnet C&Cs hosted on 85.175.171.246. Please consider that the output is limited to the 500 most recent malware samples.

Time stamp (UTC)	MD5 hash	File Type	Virustotal	Malware
2021-06-14 20:18:52	d4940cb32a11f20613d4bc28dda75bcd	xlsm	n/a	IcedID
2021-06-14 17:34:55	073a8afef186284fe1eec6fde95fe77a	dll	n/a	n/a
2021-06-10 20:14:21	402a5fab97d440f9e79fa99f3f882bb5	xlsb	n/a	n/a
2021-06-09 17:09:16	32b2798ecb2396f1bb2ccc3d5a2a20fe	exe	15.94%	TrickBot
2021-06-08 22:20:03	158b57c79071c935e63a2fbe85a8d68c	exe	18.84%	TrickBot
2021-03-26 08:22:26	b9518acfbcc437598587439423ff7a4d	doc	n/a	TrickBot
2021-03-26 07:54:56	d3c979e1fbf75c7a3f634623b65e37b1	xlsm	n/a	TrickBot
2021-03-26 07:50:08	1fcfb3edfe0d037898e1f2ad1f552ebd	xlsm	n/a	TrickBot
2021-03-26 07:13:48	b9866719ae9fc35777f82ff25cbe06f7	xlsm	n/a	TrickBot
2021-03-26 07:00:35	d68d75de28838507aaeb45d7bf520395	xlsm	n/a	TrickBot
2021-03-26 06:49:27	99fc139aa7cf32e1685c8abb55c58a40	xlsm	n/a	TrickBot
2021-03-26 06:32:17	255c81deb5e5b3129b71168b4443af3e	xlsm	n/a	TrickBot
2021-03-23 21:07:36	ca0aeae386efea445ecac9844fa68916	exe	71.43%	TrickBot