Feodo Tracker :: 5.45.108.249

C&C Information

Feodo C&C:5.45.108.249
Version:E
Host status:offline
Hostname:house.roman-allenstein.de
Spamhaus SBL:Not listed
AS number:AS197540
AS name:NETCUP-AS netcup GmbH, DE
Country:- DE
Firstseen (UTC):2017-09-28 14:05:43
Lastseen (UTC):2017-10-29 15:44:02

Referencing malware binaries

Latest 100 malware binaries referencing this Feodo C&C:

Timestamp (UTC)MD5 HashFilesizeVTHostPortMethod
2017-10-14 07:05:51c17d5cfd469287948bf749ade607ce6c93'184 bytesVirustotal results 44/65 (67.69%) 5.45.108.249:80808080POST
2017-10-12 08:45:14c40bbde719650d59b11690c9b1c2958586'016 bytesVirustotal results 48/66 (72.73%) 5.45.108.249:80808080POST
2017-10-04 19:37:37f9f660e4ee4d4d201a31988b3040328b102'400 bytesVirustotal results 35/66 (53.03%) 5.45.108.249:80808080POST
2017-10-03 18:15:0777fb77952c85469fcbed695b0c8d9a3298'304 bytesVirustotal results 37/66 (56.06%) 5.45.108.249:80808080POST
2017-10-03 17:32:0012b78a1e1e2906f75d89b2e91fbe85c092'160 bytesVirustotal results 39/66 (59.09%) 5.45.108.249:80808080POST
2017-10-03 17:23:2750b6dafb4202cfada686c9788413fe8992'160 bytesVirustotal results 39/66 (59.09%) 5.45.108.249:80808080POST
2017-10-03 12:05:133dc00a8589de92b1a1b41b8ddcdd5fdc94'208 bytesVirustotal results 34/66 (51.52%) 5.45.108.249:80808080POST
2017-10-02 17:42:1617c47e14b2bd30465fdf2514be6cd25e98'304 bytesVirustotal results 39/66 (59.09%) 5.45.108.249:80808080POST
2017-10-02 07:48:102bffb71e9b44b2731dfefe2b044e7a7591'136 bytesVirustotal results 38/65 (58.46%) 5.45.108.249:80808080POST
2017-10-02 02:12:27a671ab295b9e1f5c494966cc35d392d492'160 bytesVirustotal results 28/65 (43.08%) 5.45.108.249:80808080POST
2017-10-01 22:08:459daef54e07bbd890b1651ed9fce73f4985'504 bytesVirustotal results 36/65 (55.38%) 74.50.52.130:80808080POST
2017-10-01 21:30:363cb59ab03d55fcf43e8db660895bce7f82'944 bytesVirustotal results 36/65 (55.38%) 74.50.52.130:80808080POST
2017-10-01 21:29:023842006a99aa3abcb250e8e1563699f685'504 bytesVirustotal results 38/65 (58.46%) 74.50.52.130:80808080POST
2017-10-01 20:32:350ed30d58740243b77ea3bd81655fb09386'016 bytesVirustotal results 32/64 (50.00%) 74.50.52.130:80808080POST
2017-09-30 21:35:12e28eb4f4ae7706c57c968e2b831be6cc98'304 bytesVirustotal results 21/64 (32.81%) 5.45.108.249:80808080POST
2017-09-30 21:29:12d7cf67fb1c162dc31cb620c759be9a9b98'304 bytesVirustotal results 17/65 (26.15%) 74.50.52.130:80808080POST
2017-09-30 21:22:14cba1e3383035b7815eab8ddb2b58c5d790'112 bytesVirustotal results 38/65 (58.46%) 5.45.108.249:80808080POST
2017-09-30 21:19:08c5fe1f8c73dc6261853051627256fe3398'304 bytesVirustotal results 43/64 (67.19%) 5.45.108.249:80808080POST
2017-09-30 19:45:322161743fce827695193d7fb89f53ac4589'600 bytesVirustotal results 36/65 (55.38%) 5.45.108.249:80808080POST
2017-09-30 19:17:22d0b043ee25c31210e0f4af9d8676c59d98'304 bytesVirustotal results 38/65 (58.46%) 5.45.108.249:80808080POST
2017-09-30 19:10:43a3a503273463984436e52952e57b6a4c92'160 bytesVirustotal results 48/64 (75.00%) 5.45.108.249:80808080POST
2017-09-30 19:02:11ec12c65c37485460d0f3a5e5ffc7b47698'304 bytesVirustotal results 40/65 (61.54%) 5.45.108.249:80808080POST
2017-09-30 18:36:29e63cb0cb4897491dc42641c395544c3898'304 bytesVirustotal results 40/65 (61.54%) 5.45.108.249:80808080POST
2017-09-30 18:35:2561728df3cf8f51d57e5796a05dff602090'112 bytesVirustotal results 41/65 (63.08%) 5.45.108.249:80808080POST
2017-09-30 08:50:20dcd29d2258096df7756078d00370fb5586'016 bytesVirustotal results 13/64 (20.31%) 5.45.108.249:80808080POST
2017-09-30 08:49:03474596cdec9e93d330295f5b3d2dfc8e86'016 bytesVirustotal results 20/65 (30.77%) 5.45.108.249:80808080POST
2017-09-30 08:48:40122582d89b5d7fa5f33cc3e864c81c9686'016 bytesVirustotal results 30/65 (46.15%) 5.45.108.249:80808080POST
2017-09-29 22:00:18f896ffb11e958dee24a58fd95e96bc2c94'208 bytesVirustotal results 21/64 (32.81%) 5.45.108.249:80808080POST
2017-09-29 21:51:57e983381cc175aac5b7e1f6c2b11314ff94'208 bytesVirustotal results 22/65 (33.85%) 5.45.108.249:80808080POST
2017-09-29 21:44:23dda33b0e856e8a3d924ba1d631930c5a91'136 bytesVirustotal results 36/65 (55.38%) 5.45.108.249:80808080POST
2017-09-29 21:42:11d975639c0ac7aa8856c38c7bee491ffb98'304 bytesVirustotal results 22/65 (33.85%) 5.45.108.249:80808080POST
2017-09-29 21:26:41ba44407d2ca44353fadc1cc85355564891'136 bytesVirustotal results 40/64 (62.50%) 5.45.108.249:80808080POST
2017-09-29 20:44:2567c2d74585e746cca826b2b1bfde02d291'136 bytesVirustotal results 40/65 (61.54%) 5.45.108.249:80808080POST
2017-09-29 20:40:52601f23013ee8c34be9b09dbe40f8240092'160 bytesVirustotal results 21/65 (32.31%) 5.45.108.249:80808080POST
2017-09-29 20:35:5758675d296731abfd74ca530347f2ea9b91'136 bytesVirustotal results 39/64 (60.94%) 5.45.108.249:80808080POST
2017-09-29 20:25:5744643c50efd89efc06a0bac07b5e57c091'136 bytesVirustotal results 37/65 (56.92%) 5.45.108.249:80808080POST
2017-09-29 20:21:253ba796a10871e5b066fa986d8ed8f6aa94'208 bytesVirustotal results 31/65 (47.69%) 5.45.108.249:80808080POST
2017-09-29 20:21:043b00c6dff2464a8c92b3beda18392f2491'136 bytesVirustotal results 36/64 (56.25%) 5.45.108.249:80808080POST
2017-09-29 20:20:393a3cd2d35b78ff5902fe13eb889080ca98'304 bytesVirustotal results 40/64 (62.50%) 5.45.108.249:80808080POST
2017-09-29 20:17:373529652d2b7a971530b6b71a7cf647b498'304 bytesVirustotal results 42/64 (65.62%) 5.45.108.249:80808080POST
2017-09-29 20:17:3134f57787867fdb7f0bce79ae5e76220692'160 bytesVirustotal results 19/65 (29.23%) 5.45.108.249:80808080POST
2017-09-29 20:17:113407aa353070365b8f3dc5021475aa3998'304 bytesVirustotal results 35/65 (53.85%) 5.45.108.249:80808080POST
2017-09-29 19:54:2807f104bdd53cf21385369671af4e088094'208 bytesVirustotal results 42/64 (65.62%) 5.45.108.249:80808080POST
2017-09-29 19:53:4606848b2fef6198676176c6f9edf62e0c91'136 bytesVirustotal results 38/65 (58.46%) 5.45.108.249:80808080POST
2017-09-29 19:51:59032b6f78c0fc69d89f5b2684befb82c991'136 bytesVirustotal results 37/65 (56.92%) 5.45.108.249:80808080POST
2017-09-29 19:24:369732ae9769cc2d8fa92ee2384e1bc5fa91'136 bytesVirustotal results 34/65 (52.31%) 5.45.108.249:80808080POST
2017-09-29 19:20:093daada58daeddc2e59ec881389d46cdc91'136 bytesVirustotal results 36/64 (56.25%) 5.45.108.249:80808080POST
2017-09-29 18:49:27472a049bb52700c2c5f8ba1b3327fb1a90'112 bytesVirustotal results 38/65 (58.46%) 5.45.108.249:80808080POST
2017-09-29 18:43:451e894c125545ea5bdc07ee41021845fb92'160 bytesVirustotal results 33/65 (50.77%) 5.45.108.249:80808080POST
2017-09-29 18:34:20cff696b5452202aa3798a36d8a032ac091'136 bytesVirustotal results 39/64 (60.94%) 5.45.108.249:80808080POST
2017-09-29 13:04:501f3c2164ac5cc6fd1c1f60d4cd41f96786'016 bytesVirustotal results 14/63 (22.22%) 5.45.108.249:80808080POST
2017-09-28 19:08:047ab8fb550a4f311964fcf9523cf58457210'944 bytesVirustotal results 43/64 (67.19%) 5.45.108.249:80808080POST
2017-09-28 19:07:15788d70a22ba982075aa51c4c72b404ac95'232 bytesVirustotal results 17/65 (26.15%) 5.45.108.249:80808080POST
2017-09-28 19:04:45719d2cc9587d3a532487f32bbdf987db211'968 bytesVirustotal results 43/65 (66.15%) 5.45.108.249:80808080POST
2017-09-28 19:04:13705341a2d095a1a3ea46e2b64d9307cb211'968 bytesVirustotal results 34/64 (53.12%) 5.45.108.249:80808080POST
2017-09-28 19:01:536a268b2bfaa9be1ecf3e0a461b7f8bf3211'968 bytesVirustotal results 39/65 (60.00%) 5.45.108.249:80808080POST
2017-09-28 18:41:04340bcd22b70cbbfde115040bbaa7b13b95'232 bytesVirustotal results 31/64 (48.44%) 5.45.108.249:80808080POST
2017-09-28 10:53:17a161101ff3ef920b315f75ee97933c08211'968 bytesVirustotal results 21/64 (32.81%) 5.45.108.249:80808080POST
2017-09-28 10:46:067e5fd3f4b312e40b588d652071f9c62893'184 bytesVirustotal results 22/63 (34.92%) 5.45.108.249:80808080POST

Referencing malware binaries: 59