Browse Botnet C&Cs

You are currently viewing the database entry for the D botnet command & control server (C&C) 185.12.95.191. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host: 185.12.95.191
Hostname: novostroyki36.ru
Status: Offline
Spamhaus SBL: SBL257152
Malware:
AS number: AS49189
AS name: RUWEB, RU
Country: RU
First seen: 2015-04-24 06:29:08 UTC
Last seen: 2015-09-29 04:05:34 UTC

Malware Samples


The table below documents all malware samples associated with this D botnet command & control server (C&C).

| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Host | Port | Signature |
|---|---|---|---|---|---|
| 2015-07-17 18:47:24 | 5a6b46b57749f2c8816db5bb2219a683 | n/a | 185.12.95.191 | 4443 | |
| 2015-06-19 15:39:01 | 04184470e9f14dad2a039dc192160770 | Virustotal results 26/57 (45.61%) | 185.12.95.191 | 4443 | |
| 2015-06-01 23:15:35 | aa55abc9bb0e8b5a04cad72dde3b1be1 | Virustotal results 41/57 (71.93%) | 185.12.95.191 | 4443 | Dridex |
| 2015-05-28 08:18:26 | 8c71d6b5358970a0dff26dce397fcd6e | Virustotal results 29/57 (50.88%) | 185.12.95.191 | 4443 | |
| 2015-05-28 02:42:40 | e1c7eccc8fec00a10c1e0cd65e443635 | Virustotal results 36/57 (63.16%) | 185.12.95.191 | 4443 | |
| 2015-05-27 20:34:36 | 52ca004d4143d3beae57a24175136d02 | n/a | 185.12.95.191 | 4443 | |
| 2015-05-27 18:46:14 | 8974399bb24a9ef8d9f1ff05e9618e75 | Virustotal results 37/57 (64.91%) | 185.12.95.191 | 4443 | |
| 2015-05-27 10:50:18 | 412ce577521a560459cd711f5966caf4 | Virustotal results 42/57 (73.68%) | 185.12.95.191 | 4443 | |
| 2015-05-27 10:28:02 | 025f044de00d91279d71e806b781ee8a | Virustotal results 17/57 (29.82%) | 185.12.95.191 | 4443 | |
| 2015-05-23 00:00:12 | e164f90129e521bc43a54ba0a12938fa | Virustotal results 13/56 (23.21%) | 185.12.95.191 | 4443 | Dridex |
| 2015-04-28 15:38:16 | 67a5facf854a72382a8d8e308027baa3 | Virustotal results 4/56 (7.14%) | 185.12.95.191 | 4443 | Dridex |
| 2015-04-27 07:03:20 | e52a8d15ee08d7f8b4efca1b16daaefb | Virustotal results 29/57 (50.88%) | 185.12.95.191 | 4443 | Dridex |
| 2015-04-26 18:04:42 | 51810f13921600f7e389dc23ff8d3cce | Virustotal results 23/56 (41.07%) | 185.12.95.191 | 4443 | Dridex |
| 2015-04-24 06:29:08 | 5258dda1ad2a50c25452045fc363099f | Virustotal results 27/57 (47.37%) | 185.12.95.191 | 4443 | Dridex |

# of malware samples: 14