Browse Botnet C&Cs

You are currently viewing the database entry for the TrickBot botnet command&control server (C&C) 85.217.170.227. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:85.217.170.227
Hostname:v76967.vps-ag.com
Status:Offline
Spamhaus SBL:Not listed
Malware:TrickBot
AS number:AS44901
AS name:BELCLOUD
Country:- BG
First seen:2020-02-24 13:24:23 UTC
Last seen:2020-02-28 18:01:06 UTC
Last online:2020-03-01

Malware Samples


The table below documents all malware samples associated with this TrickBot botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2020-03-01 19:34:037d8fe6533aae143294ba4080b88e90e4n/a85.217.170.227447TrickBot
2020-02-29 02:28:30a0faa2c49fff4075daceb69b9ba38664Virustotal results 6 / 73 (8.22%) 85.217.170.227447TrickBot
2020-02-29 01:49:26fd508c08255b14865a67d9de89a73167Virustotal results 11 / 72 (15.28%) 85.217.170.227447TrickBot
2020-02-28 14:23:27aaad23f0e9231f5062422437b8cfa2c7n/a85.217.170.227447TrickBot
2020-02-28 04:21:38ab39c465374afb364ac955863d7c6ee3Virustotal results 31 / 73 (42.47%) 85.217.170.227447TrickBot
2020-02-27 07:46:21ba6536e786c06f00556e38e47f3bee90Virustotal results 13 / 72 (18.06%) 85.217.170.227447TrickBot
2020-02-26 12:32:18882f63665d5f1864fe1cdd22980d0dc7n/a85.217.170.227447TrickBot

# of malware samples: 7