Grum Recap

For a quick recap, here is a list of Grum CnCs. Some of these IPs were mentioned in my previous posts (1, 2, and 3), but I would like to summarize everything in one table.

Based on the data from the last 30 days, below are the Grum CnC IPs along with their ISP information.

IP IPS/Colo Status
190.123.46.91 190.123.46.91 Panamaserver Panamaserver Dead Dead
195.190.13.150 195.190.13.150 SteepHost DC-UA SteepHost DC-UA Dead Dead
195.190.13.182 195.190.13.182 SteepHost DC-UA SteepHost DC-UA Dead Dead
195.190.13.206 195.190.13.206 SteepHost DC-UA SteepHost DC-UA Dead Dead
195.190.13.222 195.190.13.222 SteepHost DC-UA SteepHost DC-UA Dead Dead
195.190.13.78 195.190.13.78 SteepHost DC-UA SteepHost DC-UA Dead Dead
91.207.4.215 91.207.4.215 SteepHost DC-UA SteepHost DC-UA Dead Dead
91.207.6.134 91.207.6.134 SteepHost DC-UA SteepHost DC-UA Dead Dead
91.207.6.234 91.207.6.234 SteepHost DC-UA SteepHost DC-UA Dead Dead
91.207.6.35 91.207.6.35 SteepHost DC-UA SteepHost DC-UA Dead Dead
91.207.5.202 91.207.5.202 SteepHost DC-UA SteepHost DC-UA Dead Dead
91.207.7.6 91.207.7.6 SteepHost DC-UA SteepHost DC-UA Dead Dead
91.207.7.98 91.207.7.98 SteepHost DC-UA SteepHost DC-UA Dead Dead
91.207.8.102 91.207.8.102 SteepHost DC-UA SteepHost DC-UA Dead Dead
91.207.9.252 91.207.9.252 SteepHost DC-UA SteepHost DC-UA Dead Dead
91.239.24.251 91.239.24.251 GazInvestProekt ltd. GazInvestProekt ltd. Dead Dead
94.102.51.226 94.102.51.226 ECATEL LTD ECATEL LTD Dead Dead
94.102.51.227 94.102.51.227 ECATEL LTD ECATEL LTD Dead Dead
91.236.120.6 91.236.120.6 PROEKTPROFDEVELOPMENT-NET PROEKTPROFDEVELOPMENT-NET Dead Dead

Thanks again to the research community. I hope that this Grum episode will create a sense of responsibility among the ISPs as well.