Grum Recap
For a quick recap, here is a list of Grum CnCs. Some of these IPs were mentioned in my previous posts (1, 2, and 3), but I would like to summarize everything in one table.
Based on the data from the last 30 days, below are the Grum CnC IPs along with their ISP information.
|
IP |
ISP/Colo |
Status |
|
190.123.46.91
|
Panamaserver |
Dead |
|
195.190.13.150
|
SteepHost DC-UA |
Dead |
|
195.190.13.182
|
SteepHost DC-UA |
Dead |
|
195.190.13.206
|
SteepHost DC-UA |
Dead |
|
195.190.13.222
|
SteepHost DC-UA |
Dead |
|
195.190.13.78
|
SteepHost DC-UA |
Dead |
|
91.207.4.215
|
SteepHost DC-UA |
Dead |
|
91.207.6.134
|
SteepHost DC-UA |
Dead |
|
91.207.6.234
|
SteepHost DC-UA |
Dead |
|
91.207.6.35
|
SteepHost DC-UA |
Dead |
| 91.207.5.202 |
SteepHost DC-UA |
Dead |
|
91.207.7.6
|
SteepHost DC-UA |
Dead |
|
91.207.7.98
|
SteepHost DC-UA |
Dead |
|
91.207.8.102
|
SteepHost DC-UA |
Dead |
|
91.207.9.252
|
SteepHost DC-UA |
Dead |
|
91.239.24.251
|
GazInvestProekt ltd. |
Dead |
|
94.102.51.226
|
ECATEL LTD |
Dead |
|
94.102.51.227
|
ECATEL LTD |
Dead |
|
91.236.120.6 |
PROEKTPROFDEVELOPMENT-NET |
Dead |
Thanks again to the research community. I hope that this Grum episode will create a sense of responsibility among the ISPs as well.
Atif Mushtaq on 2012.07.23
Botnet Research
Recent Comments
i am so happy
no spam again
w86 on Grum Recap