Domain > duapp.n.shifen.com

Welcome! Right click nodes and scroll the mouse to navigate the graph.

More information on this domain is in AlienVault OTX

Is this malicious?

Files that talk to duapp.n.shifen.com

MD5	A/V
132a1dcd37cbc608b4dbd0ba1e7d61a3	[Heur.W32] [W32/A-8128ee96!Eldorado] [TR/Tonmye.A.7691] [Trojan.Tonmye.g4] [Riskware/FlyStudio] [Spyware.OnlineGames]
6ff68265ff30d3c17045b68e5b9c364f	[TR/Rogue.991232.20] [Riskware/FlyStudio] [Trojan*W32/DelfInject.R]
0ce0e6ca2926976f62a0ef5c5c515cdd
0325b74d6521e84323a8507414516451	[W32/S-9a0e6078!Eldorado] [Win32/Oflwr.A!crypt] [Trojan.DownLoader13.4483] [W32/QQPass.ELG!tr.pws] [Trojan*W32/DelfInject.R] [Win32/DH{QROBEiAiWyWBE1dYTg}] [Win32.SuspectCrc] [Trojan.33C0C390@2FF0000@.mg]
288375e3ac868acbeedfaa73db5dde23	[W32/S-9a0e6078!Eldorado] [Win32/Oflwr.A!crypt] [Trojan.DownLoader13.4483] [W32/QQPass.ELG!tr.pws] [Trojan*W32/DelfInject.R] [Win32/DH{QROBEiAiWyWBE1dYTg}] [Trojan.33C0C390@2FF0000@.mg]
1f862735c0df5c2e2f839735272724b8	[W32/S-9a0e6078!Eldorado] [Win32/Oflwr.A!crypt] [Trojan.DownLoader13.4483] [W32/QQPass.ELG!tr.pws] [Trojan*W32/DelfInject.R] [Win32/DH{QROBEiAiWyWBE1dYTg}] [Trojan.33C0C390@2FF0000@.mg]
4c97a1b6dd8d4a9aab5ff4b21a44edba
0f04bd2b438406a30ecc34c4db1b119c	[Win32/Nimnul.A] [Win32.Roue.a] [W32/Kudj] [W32/Jadtre.B] [Virus.558BEC81EC@120000#.mg] [Win32.VJadtre.3] [Win32/Wapomi.I] [W32.Wapomi.C!inf] [W32/Nimnul.F] [Win32.VJadtre.3] [Virus*Win32/Mikcer.B] [Win32.VJadtre.3] [W32/PatchLoad.E] [W32/PatchLoad.E] [Trojan-Downloader.Win32.Small] [Win32.VJadtre.3] [Virus.Nimnul.Win32.5] [Virus.Win32.Nimnul.f] [PE_WAPOMI.BM] [W32/Nimnul-A] [W32.Nimnul.F1] [Virus.Nimnul.19209] [Win32.VJadtre.3] [Win32.VJadtre.3] [Win.Trojan.Downloader-64296] [BackDoor.Darkshell.246] [Win32.VJadtre.3]

Whois

Property	Value
Email	domainmaster@baidu.com
NameServer	NS2.BAIDU.COM
Created	2001-08-01 00:00:00
Changed	2010-10-27 00:00:00
Expires	2015-08-01 00:00:00
Registrar	MARKMONITOR INC.