Domain > freeserve.co

More information on this domain is in AlienVault OTX

Is this malicious?

Files that talk to freeserve.co

MD5	A/V
292ad75fbab2288a453c7f7db162eed0	[HW32.CDB.A2b5] [Packed.Win32.Katusha.3!O] [Backdoor.Hlux!xuwpKhCjMA8] [WS.Reputation.1] [Kryptik.CDQY] [Backdoor.Win32.Hlux.dqzg] [UnclassifiedMalware] [Trojan.Packed.26581] [Trojan[Backdoor]/Win32.Hlux] [Backdoor:Win32/Kelihos] [W32/Trojan.HATR-5126] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [W32/Kryptik.BWUN!tr] [Crypt_s.GNC] [Backdoor.Win32.Hlux.Aj] [Win32/Trojan.112]
e21b3469b4fc1efddf76d8c89f1ebb2a	[Malware.Packer.HGX1] [Heuristic.LooksLike.Win32.Suspicious.E] [W32/Kryptik.AXUE!tr]
db5b440f6419090cd9567f3b33fd3ced	[Malware.Packer.HGX1] [BackDoor.SlymENT.1498] [Heuristic.LooksLike.Win32.Suspicious.E] [W32/Kryptik.AXUE!tr]
b36385662ebdaf40bc3d28f90b6a4751	[Spyware.Zbot.USBV] [Trojan] [BackDoor.SlymENT.1498] [Heuristic.LooksLike.Win32.Suspicious.E] [Trojan/Win32.Foreign]
2c2371e95bb5d87ccd5d19a114492f70	[HW32.CDB.18af] [Packed.Win32.Katusha.3!O] [WS.Reputation.1] [Kryptik.CDQY] [TrojWare.Win32.Kryptik.CBCJ] [BackDoor.Slym.13873] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Backdoor.Win32.Kelihos] [Crypt_s.GNC] [Trojan.Win32.Kryptik.CBCJ] [Win32/Trojan.0de]
4be57c95dd1e77ba6b00af63f6c5d79a	[BackDoor.Slym.1498] [BDS/Kelihos.F.5092] [Win32.PSWTroj.Tepfer.hd.(kcloud)] [Backdoor:Win32/Kelihos.F] [Backdoor/Win32.Kelihos] [Backdoor.Win32.Kelihos] [W32/Kelihos.JI!tr]
61b408e2de1c4996c3708f1f46913d60	[HW32.CDB.C1b5] [Trojan.Kryptik!QyFpAm9uzfY] [Kryptik.CCFN] [Backdoor.Win32.Hlux.djft] [Trojan.Win32.S.PSW-Tepfer.835600.AI] [UnclassifiedMalware] [BackDoor.Slym.14044] [Mal/Kelihos-A] [Trojan[Backdoor]/Win32.Hlux] [Trojan/Win32.Tepfer] [W32/Trojan.AJYO-7526] [Backdoor.Hlux] [Trojan.Crypt_s] [W32/Kryptik.BWUN!tr] [Crypt3.HUF] [Trojan.Win32.Kryptik.BZIX]
dde053529fc90359815908c8ee1def65	[FakeSecTool-FCX!DDE053529FC9] [Malware.Packer.FFS] [Heuristic.LooksLike.Win32.Suspicious.E] [PE:Malware.XPACK/RDM!5.1]
14bfd82cc98684fb9c3e91971d2490b1	[HW32.CDB.Eb32] [Packed.Win32.Katusha.3!O] [WS.Reputation.1] [Kryptik.CDQY] [UnclassifiedMalware] [BackDoor.Slym.13873] [Win32.Troj.Undef.(kcloud)] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Trojan.Win32.Kryptik.CBCJ] [Trojan.Crypt_s] [W32/Kryptik.BD!tr] [Crypt_s.GNC]
fe734b28009c7dd5389f64d72722bb21
14a2291e48bd02b528d0c018fee03e86	[HW32.CDB.A3eb] [Packed.Win32.Katusha.3!O] [WS.Reputation.1] [Kryptik.CDQY] [TrojWare.Win32.Kryptik.CBCJ] [Trojan.Packed.26581] [Win32.Troj.Undef.(kcloud)] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [W32/Trojan.XULT-7356] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [W32/Kryptik.CBCJ!tr] [Crypt_s.GNC]
2ecde55cc501d71803f0c57d668fa546	[HW32.CDB.7c65] [WS.Reputation.1] [Kryptik.CCFN] [Trojan-PSW.Win32.Tepfer.txcq] [Trojan.PWS.Tepfer!kS2SkVA+79E] [TrojWare.Win32.Kryptik.CAUP] [Trojan.Packed.26581] [Mal/FakeAV-UF] [Trojan[PSW]/Win32.Tepfer] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Win32.Trojan-qqpass.Qqrob.Hvtt] [Trojan-Downloader.Win32.Waledac] [W32/Hlux.BWUN!tr.bdr] [Crypt_s.GMK] [Trojan.Win32.Kryptik.CAUP]
3223f61af50aa26a1c3bb96fe1779011	[HW32.CDB.D56b] [Packed.Win32.Katusha.3!O] [Backdoor.Hlux.r3] [Backdoor.Hlux.Win32.9065] [Trojan.Win32.Kryptik.czfnsp] [Trojan.FakeAV] [Kryptik.CCQY] [Backdoor.Win32.Hlux.dueu] [Backdoor.Hlux!DdFHfWii/ns] [UnclassifiedMalware] [TR/Kryptik.oenzk] [Backdoor:Win32/Kelihos] [Trojan/Win32.FakeAV] [Heur.Trojan.Hlux] [Backdoor.Win32.Hlux.cri] [Trojan.Crypt3] [W32/Kryptik.CBOM!tr] [Crypt3.ORV] [Backdoor.Win32.Hlux.Acmu] [Win32/Trojan.7bf]
3ff79e59f23983931c7f8b78ff705df1	[HW32.CDB.6c99] [Kryptik.CCFN] [Win32/Kelihos.SeNdHLB] [Backdoor.Win32.Hlux.dlkp] [Backdoor.Hlux!oUNizOsy5vo] [TrojWare.Win32.Kryptik.CASU] [Trojan.Packed.26544] [Trojan[Backdoor]/Win32.Hlux] [Backdoor:Win32/Kelihos] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Backdoor.Win32.Hlux.At] [Trojan-Downloader.Win32.Waledac] [W32/Hlux.AGWI!tr] [Win32/Trojan.337]
3209b25b5988bb055d56e1b1e6382e40	[HW32.CDB.53d8] [Kryptik.CCFN] [Trojan-PSW.Win32.Tepfer.twjg] [Mal/FakeAV-UF] [TrojWare.Win32.Kryptik.CASU] [Trojan.Packed.26544] [Trojan[PSW]/Win32.Tepfer] [Backdoor:Win32/Kelihos] [Trojan/Win32.Tepfer] [W32/Trojan.ELDJ-0755] [Heur.Trojan.Hlux] [Win32/Kryptik.CASL] [Trojan.Crypt_s] [W32/Hlux.BWUN!tr.bdr] [Crypt_s.GPK] [Trojan.Win32.InfoStealer.As]
2625ca957f30c6fb439d6fb819b96e96	[HW32.CDB.0b76] [Packed.Win32.Katusha.3!O] [WS.Reputation.1] [Kryptik.CDQY] [Trojan.Win32.S.PSW-Tepfer.829456.AK] [UnclassifiedMalware] [Trojan.Packed.26581] [Win32.Malware!Drop] [Win32.Troj.Undef.(kcloud)] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [W32/Trojan.ZDOX-3335] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [W32/Kryptik.BD!tr] [Crypt_s.GNC]
0d42b2efd88f95f4d5af60b548d7290a	[FraudTool.Security] [W32/Tepfer.MQ!tr] [Win32/Cryptor]
e4fce69c0e2f36d514460974b8becdfa	[Malware.Packer.FFS] [Heuristic.LooksLike.Win32.Suspicious.E] [Trojan/Win32.Yakes] [W32/Kelihos.BCEB!tr]
69105950b2bb95843dea5937bea0e8f0	[HW32.CDB.5919] [Packed.Win32.Katusha.3!O] [WS.Reputation.1] [Kryptik.CDQY] [TrojWare.Win32.Kryptik.CBCJ] [BackDoor.Slym.13873] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [Crypt_s.GNC] [Trojan.Win32.Kryptik.CBCJ]
9aa81fa022c0b159758efa1bda4f9be1	[HW32.CDB.A20b] [Packed.Win32.Katusha.3!O] [WS.Reputation.1] [Kryptik.CCFN] [Backdoor.Win32.Hlux.dthd] [UnclassifiedMalware] [BackDoor.Slym.13011] [Backdoor:Win32/Kelihos] [Heur.Trojan.Hlux] [Win32/Kryptik.CBNK] [Win32.Backdoor.Hlux.Hwcu] [Trojan.Crypt3] [W32/Kryptik.BD!tr] [Crypt3.OHL] [Backdoor.Win32.Hlux.Ac]

DNS Resolutions

Date	IP Address
2013-07-31	195.22.26.231 (ClassC)
2015-01-30	195.22.26.252 (ClassC)
2015-01-30	195.22.26.253 (ClassC)
2015-03-15	54.85.214.90 (ClassC)
2024-05-07	91.103.219.226 (ClassC)
2025-04-27	92.204.221.148 (ClassC)
2025-10-17	213.175.196.125 (ClassC)

Port 80

Subdomains

Date	Domain	IP
woodies2000.freeserve.co	2014-06-18	195.22.26.231
hillside02.freeserve.co	2013-07-31	195.22.26.231
sunnyside37.freeserve.co	2013-05-16	195.22.26.231
autografica.freeserve.co	2013-05-16	195.22.26.231
33cmc.freeserve.co	2014-07-30	195.22.26.231
mrutherford.freeserve.co	2014-07-05	195.22.26.254
makesafeltd.freeserve.co	2014-07-05	195.22.26.254
libbyfrench.freeserve.co	2014-06-18	195.22.26.252
canning-liverpool.freeserve.co	2014-08-02	195.22.26.252
rossiterjan.freeserve.co	2014-06-08	195.22.26.231
mightredmen.freeserve.co	2014-06-17	195.22.26.254
bayviewbarn.freeserve.co	2013-04-18	195.22.26.231
hairypeteentreprises.freeserve.co	2013-05-29	195.22.26.231
majorevents.freeserve.co	2013-12-04	195.22.26.253
brownft.freeserve.co	2013-07-31	195.22.26.231

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]