ZeuS Tracker :: C&C xbsezlmaha.loan

The list below shows all ZeuS configs, ZeuS binaries, ZeuS dropzones and FakeURLs which are hosted on xbsezlmaha.loan.

Live Information

ZeuS C&C:xbsezlmaha.loan
Malware:VMZeuS
IP address:104.238.158.106
Host status:online
Uptime:838:59:59
Hostname:104.238.158.106.vultr.com
SBL:Not listed
AS number:20473
AS name:AS-CHOOPA - Choopa, LLC
Country:- Germany (DE)
Level:4 (Unknown / not categorized)
Sponsoring registrar:n/a
Nameserver(s):a.root-servers.net | b.root-servers.net | c.root-servers.net | d.root-servers.net | e.root-servers.net | f.root-servers.net | g.root-servers.net | h.root-servers.net | i.root-servers.net | j.root-servers.net | k.root-servers.net | l.root-servers.net | m.root-servers.net
Date added:2016-05-07
Last checked:2018-07-20
Last updated:2017-08-09
BL status:This host is being published on the ZeuS Blocklist!

ZeuS ConfigURLs on this C&C

DateaddedZeuS ConfigURLStatusVBuilderFilesizeMD5 hashHTTP StatusFile download
2016-05-07xbsezlmaha.loan/news/config.jpgoffline2n/a1543b31a333c9b78f0c53d0f392c233581200- download

ZeuS BinaryURLs on this C&C

DateaddedZeuS BinaryURLStatusFilesizeMD5 hashAnubisVirustotalHTTP StatusFile download

none

ZeuS DropURLs (Dropzones) on this C&C

DateaddedDropURLStatusHTTP Status
2016-05-07xbsezlmaha.loan/news/gate.phponline200

FakeURLs referenced by ZeuS Configs

ZeuS Config MD5FakeURLProtocol

Historical information

ConfigURL History

ChangedateHostConfigURLHashFile Download
2017-10-04xbsezlmaha.loanxbsezlmaha.loan/news/config.jpg244b91f392e1ff7e0dcfc42e7e142a10- download

# of rows: 1

Domain History

ChangedateHostIP addressAS numberAS nameCountry
2017-08-09xbsezlmaha.loan0
-
2016-05-10xbsezlmaha.loan198.105.221.636351SOFTLAYER - SoftLayer Technologies Inc.
-

# of rows: 2