Malware Botnet C&C

You are currently viewing the database entry for the malware botnet command&control server (C&C) hosted at 85.88.174.94 . You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry

IP address:	85.88.174.94
Hostname:	n/a
AS number:	AS34137
AS name:	RUAMUR-AS
Country:	RU
First seen:	2021-03-02 17:58:10 UTC
Last online:	2022-03-01 22:xx:xx UTC

Botnet C&Cs

The table below shows all botnet C&Cs know to Feodo Tracker that are hosted on this host.

First seen (UTC)	IP address	Port	Malware	Status	Abuse complaint sent?	Last online (UTC)
2021-03-02 17:58:10	85.88.174.94	447	TrickBot	Offline	Yes (2021-11-25 15:34:19 UTC)	2022-03-01 22:xx:xx

Referencing Malware Samples

The following table shows the most recent malware samples associated with malware botnet C&Cs hosted on 85.88.174.94. Please consider that the output is limited to the 500 most recent malware samples.

Time stamp (UTC)	MD5 hash	File Type	Virustotal	Malware
2021-03-17 21:12:25	aab96cc3eb48d91538ac985bd9c9796c	exe	n/a	n/a
2021-03-17 21:05:52	9a9b73c9765c67d3d095d01a640fdd82	exe	n/a	TrickBot
2021-03-14 19:45:47	51862e070129cc8c1a8dc860b9a49e37	exe	34.78%	TrickBot
2021-03-13 20:23:27	167de3013d1bb5def0742d8a8faa2777	exe	42.86%	TrickBot
2021-03-11 19:55:19	add84623f0d699c471e38eaf37dade79	exe	55.07%	TrickBot
2021-03-11 19:07:24	f4a194d6b92693a79af656040135e900	xls	n/a	SilentBuilder
2021-03-09 21:10:55	5f7b9b89e8d5037df48f683911e5040f	exe	32.39%	TrickBot
2021-03-09 20:16:48	13ed849d7aaadb003b3d15a930d92e0a	exe	23.94%	TrickBot
2021-03-08 21:52:53	c50c904279ba7b4c9d44b6f9498bb0d7	exe	n/a	TrickBot
2021-03-07 21:34:33	e6c0e7ebeb3e8e56a58c143f0b7ff017	exe	n/a	TrickBot
2021-03-04 21:31:38	b50a5ce5906a66241e751b6e5838a9d1	exe	68.57%	TrickBot
2021-03-04 21:09:45	31b1b72e6164dafd885609e3312d3277	exe	67.61%	TrickBot
2021-03-02 18:57:46	25396a0ab1c93e8505b3f7e56ba2f0e1	dll	n/a	n/a
2021-03-02 17:33:09	1e74515df5d3fc976953487159f96657	dll	8.96%	TrickBot