Malware Botnet C&C

You are currently viewing the database entry for the malware botnet command&control server (C&C) hosted at 89.37.1.2 . You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


IP address:89.37.1.2
Hostname:2.mobinnet.net
AS number:AS50810
AS name:MOBINNET-AS AS50855 belongs to rqbank that is mobinnet customer
Country:- IR
First seen:2021-05-27 21:39:57 UTC
Last online:2021-08-20 03:xx:xx UTC
Malware:TrickBot

Botnet C&Cs

The table below shows all botnet C&Cs know to Feodo Tracker that are hosted on this host.

First seen (UTC)IP addressPortMalwareStatusLast online (UTC)
2021-05-27 21:39:5789.37.1.2443
TrickBot
Offline
2021-08-20 03:xx:xx

Referencing Malware Samples

The following table shows the most recent malware samples associated with malware botnet C&Cs hosted on 89.37.1.2. Please consider that the output is limited to the 500 most recent malware samples.

Time stamp (UTC)MD5 hashFile TypeVirustotalMalware
2021-06-14 17:34:55073a8afef186284fe1eec6fde95fe77aDLL dlln/a
n/a
2021-06-10 20:36:38a9d83a751d5b6c857e0fcfcb5c4ef6eaWord file xlsbn/a
n/a
2021-06-10 19:02:228b036681327a6a86b70a3081625e7760Word file xlsbn/a
TrickBot
2021-06-10 18:36:257f72e3306537fd297cab6c8f0af18766Word file xlsbn/a
n/a
2021-06-10 18:05:3778981fd2c0ff29b9a221d4885338d89aWord file xlsbn/a
n/a
2021-06-10 18:02:448bee12401ee23754d5a47907b57c320bWord file xlsbn/a
n/a