
Domain > guangsu.cn

More information on this domain is in AlienVault OTX


Files that talk to guangsu.cn


Whois

Property Value
Organization 李嵩
Email lovermy@qq.com
NameServer f1g1ns2.dnspod.net

DNS Resolutions


Subdomains

Domain                  Date        IP
update001.guangsu.cn    2025-07-16  118.192.75.147
mini.guangsu.cn         2014-02-12  116.10.190.62
down.guangsu.cn         2013-12-30  116.10.190.62
statistics.guangsu.cn   2025-07-26  180.150.178.118








Data with thanks to AlienVault OTX, VirusTotal, Malwr and others.


