Domain > anguita2.dti2.net

More information on this domain is in AlienVault OTX

Files that talk to anguita2.dti2.net

MD5	A/V
281bba52133b42b0041a72e8baf03600	[HW32.CDB.Eca9] [Backdoor.Hlux.r3] [Backdoor.Hlux!xA6rCWjNVLE] [Kryptik.CCFN] [Backdoor.Win32.Hlux.dmfd] [Trojan.Win32.Kryptik.cxbhpv] [Trojan.Packed.26544] [Heuristic.LooksLike.Win32.Suspicious.E] [Mal/FakeAV-UF] [Trojan[Backdoor]/Win32.Hlux] [Backdoor:Win32/Kelihos] [W32/Trojan.KRFJ-3745] [Heur.Trojan.Hlux] [Win32/Kryptik.CASL] [Trojan.Crypt_s] [W32/Kryptik.BWUN!tr] [Crypt_s.GME] [Trojan.Win32.Kryptik.CASL]

DNS Resolutions

Date	IP Address
2025-01-07	81.24.162.8 (ClassC)

HTTP/1.1 200 OKContent-Security-Policy: img-src * data: blob:;base-uri self;worker-src self blob:;manifest-src self;frame-src self data:Referrer-Policy: same-originStrict-Transport-Security: max-age25

!DOCTYPE html>html>    head>        meta charsetUTF-8 />        meta nameROBOTS contentNOINDEX, FOLLOW />        meta nameviewport contentinitial-scale1,user-scalableno,maximum-scale1,widthdevice-width />        title>MDaemon Webmail/title>	      link relshortcut icon hreffavicon.ico?v971da7f329c typeimage/x-icon />        link relstylesheet hreffontawesome/css/font-awesome.min.css?v971da7f329 />	      link relstylesheet hrefWorldClient/pages/logon.css?v971da7f329 />                style typetext/css>            .custom-background {              background-image: url(All/Images/Signin-Background.png);              background-size: 100vh;              background-size: cover;              height: 100vh;              width: 100vw;              margin: 0;            }            .custom-background form {              margin-top: 0;              padding-top: 3%;              margin-bottom: -26px;            }            .custom-background .powered-by-mdaemon {              height: 80px;              background-color: #1d2b33;            }            .custom-background .branding a {              color: #fff;            }        /style>                script typetext/javascript srcAll/JavaScript/jquery-latest.js?v971da7f329>/script>        script typetext/javascript>            var $WC  {                lang: es,                useBrowserLang: true,                languages: en,ar,ca,zh,cs,da,uk,fi,fr,fc,de,gr,hu,id,it,ja,ko,nl,no,pl,pt,ro,ru,sr,sl,es,sv,tw,th,tr,vi,null,                theme: WorldClient,                link: /WorldClient.dll,                action: /WorldClient.dll?ViewMain,                https: false,                allowWebAuthnLogin: false,                attemptingDeviceAuth: Intentando inicio de sesión con autenticación de dispositivo,                unableToAuthenticateDevice: No fue posible autenticar al usuario actual. Es posible que deba registrar la credencial luego de iniciar sesión.,                capsLockIsOn: Las Mayúsculas están habilitadas            };        /script>    /head>

Port 443

!DOCTYPE html>html>    head>        meta charsetUTF-8 />        meta nameROBOTS contentNOINDEX, FOLLOW />        meta nameviewport contentinitial-scale1,user-scalableno,maximum-scale1,widthdevice-width />        title>MDaemon Webmail/title>	      link relshortcut icon hreffavicon.ico?v971da7f329c typeimage/x-icon />        link relstylesheet hreffontawesome/css/font-awesome.min.css?v971da7f329 />	      link relstylesheet hrefWorldClient/pages/logon.css?v971da7f329 />                style typetext/css>            .custom-background {              background-image: url(All/Images/Signin-Background.png);              background-size: 100vh;              background-size: cover;              height: 100vh;              width: 100vw;              margin: 0;            }            .custom-background form {              margin-top: 0;              padding-top: 3%;              margin-bottom: -26px;            }            .custom-background .powered-by-mdaemon {              height: 80px;              background-color: #1d2b33;            }            .custom-background .branding a {              color: #fff;            }        /style>                script typetext/javascript srcAll/JavaScript/jquery-latest.js?v971da7f329>/script>        script typetext/javascript>            var $WC  {                lang: es,                useBrowserLang: true,                languages: en,ar,ca,zh,cs,da,uk,fi,fr,fc,de,gr,hu,id,it,ja,ko,nl,no,pl,pt,ro,ru,sr,sl,es,sv,tw,th,tr,vi,null,                theme: WorldClient,                link: /WorldClient.dll,                action: /WorldClient.dll?ViewMain,                https: true,                allowWebAuthnLogin: false,                attemptingDeviceAuth: Intentando inicio de sesión con autenticación de dispositivo,                unableToAuthenticateDevice: No fue posible autenticar al usuario actual. Es posible que deba registrar la credencial luego de iniciar sesión.,                capsLockIsOn: Las Mayúsculas están habilitadas            };        /script>    /head>

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > anguita2.dti2.net

Is this malicious?

Files that talk to anguita2.dti2.net

DNS Resolutions

Port 80

Port 443