Malware Botnet C&C

You are currently viewing the database entry for the malware botnet command&control server (C&C) hosted at 92.38.128.47 . You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


IP address:92.38.128.47
Hostname:kerry.eva.example.com
AS number:AS199524
AS name:GCORE
Country:- RU
First seen:2021-01-17 07:50:26 UTC
Last online:2021-11-19 13:xx:xx UTC

Botnet C&Cs

The table below shows all botnet C&Cs know to Feodo Tracker that are hosted on this host.

First seen (UTC)IP addressPortMalwareStatusAbuse compltain sent?Last online (UTC)
2021-01-17 07:50:2692.38.128.473389
Dridex
Online
Yes (2021-11-25 15:33:26 UTC)2021-11-19 13:xx:xx

Referencing Malware Samples

The following table shows the most recent malware samples associated with malware botnet C&Cs hosted on 92.38.128.47. Please consider that the output is limited to the 500 most recent malware samples.

Time stamp (UTC)MD5 hashFile TypeVirustotalMalware
2020-11-17 12:01:26f7892d6773d53427728df0a5212d006aExecutable exen/a
Dridex
2020-11-17 11:32:445fdbca2752868186e21d1e723a58db4cExecutable exen/a
Dridex
2020-11-17 11:29:359d1ee734aebefda9a0225a66012388d5Executable exen/a
Dridex
2020-11-15 23:21:03275bd6c0a1a409d8eb2daa02d95b9ed9Executable exen/a
Dridex
2020-11-14 18:21:570aaeecf18177e9beb320bcccd5e1da13Executable exen/a
Dridex
2020-11-12 14:10:533dcb0d833edb13b442f32b5f1264d62dExecutable exen/a
Dridex
2020-11-11 11:13:11872170525ea189b963304abd9e3db83bExecutable exen/a
Dridex
2020-11-10 10:56:43acd2dadb83a8a13ce6457664b7c4c2a8Executable exen/a
Dridex