ZeuS Tracker :: Monitor

The list below shows all ZeuS configs, ZeuS binaries, ZeuS dropzones and FakeURLs which are hosted on mecod.expresslinkcourier.online.

Live Information

ZeuS C&C:mecod.expresslinkcourier.online
Malware:Citadel
IP address:84.38.132.16
Host status:online
Uptime:838:59:59
Hostname:n/a
SBL:SBL419718
AS number:52048
AS name:DATACLUB DataClub S.A.
Country:- Netherlands (NL)
Level:4 (Unknown / not categorized)
Sponsoring registrar:n/a
Nameserver(s):a.root-servers.net | b.root-servers.net | c.root-servers.net | d.root-servers.net | e.root-servers.net | f.root-servers.net | g.root-servers.net | h.root-servers.net | i.root-servers.net | j.root-servers.net | k.root-servers.net | l.root-servers.net | m.root-servers.net
Date added:2018-10-01
Last checked:2018-10-02
Last updated:never
BL status:This host is being published on the ZeuS Blocklist!

ZeuS ConfigURLs on this C&C

DateaddedZeuS ConfigURLStatusVBuilderFilesizeMD5 hashHTTP StatusFile download
2018-10-01mecod.expresslinkcourier.online/me/at/file.phpoffline2n/a221'4689fa23e8362b4c6cc3323da8f11986a5f500- download

ZeuS BinaryURLs on this C&C

DateaddedZeuS BinaryURLStatusFilesizeMD5 hashAnubisVirustotalHTTP StatusFile download

none

ZeuS DropURLs (Dropzones) on this C&C

DateaddedDropURLStatusHTTP Status
2018-10-01mecod.expresslinkcourier.online/me/at/cache.phpoffline500

FakeURLs referenced by ZeuS Configs

ZeuS Config MD5FakeURLProtocol