ZeuS Tracker :: C&C hdfc.pp.ru

The list below shows all ZeuS configs, ZeuS binaries, ZeuS dropzones and FakeURLs which are hosted on hdfc.pp.ru.

Live Information

ZeuS C&C:hdfc.pp.ru
Malware:VMZeuS
IP address:47.89.18.238
Host status:online
Uptime:838:59:59
Hostname:n/a
SBL:SBL332788
AS number:45102
AS name:CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd., CN
Country:- Hong Kong (HK)
Level:3 (Free hosting service)
Sponsoring registrar:RU-CENTER-3LVL
Nameserver(s):a.dns.ripn.net | b.dns.ripn.net | d.dns.ripn.net | e.dns.ripn.net | f.dns.ripn.net
Date added:2016-09-23
Last checked:2017-03-23
Last updated:2017-03-05
BL status:This host is being published on the ZeuS Blocklist!

ZeuS ConfigURLs on this C&C

DateaddedZeuS ConfigURLStatusVBuilderFilesizeMD5 hashHTTP StatusFile download
2016-11-10hdfc.pp.ru/levis/file.phpoffline0n/a0501- download
2016-10-26hdfc.pp.ru/fast/file.phpoffline0n/a0501- download
2016-10-15hdfc.pp.ru/fibers/file.phpoffline0n/a0501- download
2016-09-23hdfc.pp.ru/bend/config.jpgoffline2n/a81'137c68e70830ef093238a335321d10323a0501- download

ZeuS BinaryURLs on this C&C

DateaddedZeuS BinaryURLStatusFilesizeMD5 hashAnubisVirustotalHTTP StatusFile download

none

ZeuS DropURLs (Dropzones) on this C&C

DateaddedDropURLStatusHTTP Status
2016-11-10hdfc.pp.ru/levis/gate.phpoffline501
2016-10-26hdfc.pp.ru/fast/gate.phpoffline501
2016-10-15hdfc.pp.ru/fibers/gate.phpoffline501
2016-09-23hdfc.pp.ru/bend/gate.phpoffline501

FakeURLs referenced by ZeuS Configs

ZeuS Config MD5FakeURLProtocol

Historical information

Domain History

ChangedateHostIP addressAS numberAS nameCountry
2017-03-05hdfc.pp.ru42.112.16.14818403FPT-AS-AP The Corporation for Financing & Promoting Technology
-
2017-03-04hdfc.pp.ru46.173.219.8447196GARANT-PARK-INTERNET , RU
-
2017-02-28hdfc.pp.ru46.173.219.19356364GPI-AS , RU
-
2017-02-18hdfc.pp.ru62.109.11.1629182ISPSYSTEM-AS ISPsystem Autonomous System
-
2017-02-16hdfc.pp.ru46.173.219.19356364GPI-AS , RU
-
2017-02-09hdfc.pp.ru46.173.219.13656364GPI-AS , RU
-
2017-01-27hdfc.pp.ru46.173.219.2647196GARANT-PARK-INTERNET , RU
-
2017-01-24hdfc.pp.ru95.163.121.16212695DINET-AS Digital Network JSC
-
2017-01-22hdfc.pp.ru185.147.195.3345027INETTECH-AS , UA
-
2017-01-21hdfc.pp.ru89.223.27.249201848TRADERSOFT , RU
-
2017-01-14hdfc.pp.ru89.223.27.185201848TRADERSOFT , RU
-
2017-01-13hdfc.pp.ru89.223.27.180201848TRADERSOFT , RU
-
2017-01-12hdfc.pp.ru91.107.107.79203049CLOUDPRO , RU
-
2017-01-08hdfc.pp.ru89.223.27.179201848TRADERSOFT , RU
-
2017-01-01hdfc.pp.ru91.235.129.22121100ITLDC-NL , UA
-
2016-12-29hdfc.pp.ru89.223.25.2480
-
2016-12-28hdfc.pp.ru95.163.127.21712695DINET-AS Digital Network JSC
-
2016-12-23hdfc.pp.ru89.223.24.2550
-
2016-12-12hdfc.pp.ru91.107.111.93203049CLOUDPRO , RU
-
2016-12-11hdfc.pp.ru217.12.201.11850673SERVERIUS-AS Serverius Holding B.V.
-
2016-12-09hdfc.pp.ru85.143.215.236201848TRADERSOFT , RU
-
2016-12-04hdfc.pp.ru85.143.212.138201848TRADERSOFT , RU
-
2016-12-01hdfc.pp.ru0
-
2016-11-23hdfc.pp.ru185.66.14.21745027INETTECH-AS , UA
-
2016-11-19hdfc.pp.ru81.177.27.68342RTCOMM-AS OJSC RTComm.RU
-
2016-11-11hdfc.pp.ru95.163.127.24412695DINET-AS Digital Network JSC
-
2016-11-03hdfc.pp.ru0
-
2016-11-02hdfc.pp.ru95.163.127.24412695DINET-AS Digital Network JSC
-
2016-11-01hdfc.pp.ru85.143.222.24201848TRADERSOFT , RU
-
2016-10-30hdfc.pp.ru85.143.215.183201848TRADERSOFT , RU
-
2016-10-11hdfc.pp.ru91.107.107.243203049CLOUDPRO , RU
-
2016-10-10hdfc.pp.ru91.107.107.51203049CLOUDPRO , RU
-
2016-10-07hdfc.pp.ru85.143.210.146201848TRADERSOFT , RU
-
2016-10-05hdfc.pp.ru0
-
2016-10-04hdfc.pp.ru109.248.59.15142632MNOGOBYTE-AS MnogoByte LLC
-
2016-10-01hdfc.pp.ru212.109.221.1800
-
2016-09-30hdfc.pp.ru0
-
2016-09-29hdfc.pp.ru109.248.59.14042632MNOGOBYTE-AS MnogoByte LLC
-
2016-09-28hdfc.pp.ru85.143.215.139201848TRADERSOFT , RU
-

# of rows: 39