Domain > ip123.com.cn

More information on this domain is in AlienVault OTX

Is this malicious?

Files that talk to ip123.com.cn

MD5	A/V
c50f19faac7ec1ca943f10973312a656	[Backdoor.Farfli.r4] [Trojan.Zegost.8] [Backdoor.Farfli!SMBgOwCziFI] [Win32/Farfli.OY] [Trojan.Inject1.57210] [Backdoor.Farfli.Win32.1736] [W32/Trojan.UXVU-7782] [Trojan[Backdoor]/Win32.Farfli] [Backdoor:MSIL/Bladabindi!bit] [Artemis!C50F19FAAC7E] [Backdoor.Win32.Farfli.kko] [Trojan-GameThief.Win32.Magania] [W32/Injector.BUQG!tr] [Win32/Trojan.Adware.37e]
80ee66da992eb38bb083ab80ebda59ca	[BDS/Zegost.126976.13] [Trojan.Inject1.55195] [Win32/Farfli.DZ] [W32/Vehidis.BRW!tr] [Inject2.CBKP] [Trojan-GameThief.Win32.Magania] [Trojan.Win32.Vehidis.brw] [Backdoor*Win32/Zegost.Q]
0b915e445fce730d66106bc89146a96e	[W32/Farfli.OY!tr] [Backdoor*Win32/Zegost.BZ] [Trojan.Reconyc] [W32/Trojan.NBYW-5862] [Backdoor.Win32.Zegost] [Trojan.Win32.Reconyc.ettw] [Troj/Zegost-GO] [Trojan.DownLoader16.21726]
9a36c05a0f54efadcf7b4872987a1c97	[TR/Crypt.Xpack.277926] [Win32/Kryptik.DMDY] [W32/Injector.BUQG!tr] [Trojan*Win32/Dynamer!ac] [Trojan.Win32.Farfli] [Trojan.Win32.Reconyc.euwp] [Troj/Zegost-GO] [Trojan.DownLoader16.29091]
6f17a155d8e437c9fd566d29776f7f8b	[W32/Farfli.OY!tr] [Backdoor*Win32/Zegost.BZ] [W32/Trojan.SCDN-7204] [Backdoor.Win32.Zegost] [Trojan.Win32.Reconyc.eteq] [Troj/Zegost-GO] [Trojan.DownLoader16.21726]
29c24e8721601eb178c7d5f5a8447549	[Trojan.Inject1.56645] [Trojan.Reconyc] [Troj/Zegost-GO] [Trojan.Win32.Reconyc.ehee] [Trojan.Reconyc.Win32.10780] [Trojan.Win32.Injector] [W32/Trojan.VFBP-6541] [Backdoor*Win32/Zegost.AD] [W32/Injector.BUQG!tr] [Inject2.CGMS] [Win32/Injector.BVVR] [Trojan.Reconyc.ehee.uczk] [BDS/Zegost.357792]
58ad4dfb07eb453364af9a85745e0a05	[TR/AD.Zegost.M.332] [Win32/Kryptik.DFLZ] [W32/Injector.BUQG!tr] [Backdoor*Win32/Zegost.L] [Worm.Magania] [W32/Trojan.TFFG-3460] [Trojan.Win32.Crypt] [Trojan.Reconyc.Win32.13478] [Trojan.Win32.Reconyc.eptx] [Troj/Zegost-GO] [Trojan.Inject2.631]
89d8cae847806568846fdc5c2ec010ff	[TR/AD.Zegost.M.335] [Win32/Farfli.OY] [Backdoor*Win32/Zegost.AD] [Trojan.Win32.Farfli] [Troj/Zegost-GO] [Trojan.DownLoader15.7278]
cee5881b803026a0fc252ece2645df37	[Win32/Injector.BVVR] [Backdoor*Win32/Zegost.AD] [Inject3.AXX] [Trojan.Inject1.63794] [Backdoor.Bot] [Troj/Zegost-GO] [Trojan.Win32.Reconyc.epwe] [W32/Injector.BUQG!tr] [Trojan.Win32.Injector]
7c149747922115766d705676354a08b5	[Backdoor.Win32.Farfli.aayg] [Backdoor.Win32.Farfli.aayg] [BackdoorWin32/Zegost.AD] [W32/Injector.BUQG!tr] [Backdoor.Win32.ZZSlash] [BackdoorWin32/Zegost.AD] [Win32/Injector.BVVR] [Win32/Injector.BVVR] [W32/Injector.BUQG!tr] [Inject3.HYG] [Backdoor.Win32.ZZSlash] [W32/Trojan.GFOK-1763] [W32/Trojan.GFOK-1763] [TR/AD.Zegost.M.509] [TR/AD.Zegost.M.509] [Inject3.HYG] [Trojan.Inject2.5398] [Trojan.Inject2.5398]
da7335aaf87fe0e3450372119268218c	[Win32/Kryptik.DIYP] [Crypt4.BZTL] [W32/Injector.CJVZ!tr] [Backdoor*Win32/Zegost.AD] [Trojan.Win32.Injector] [Trojan.Reconyc.Win32.13072] [Trojan.Win32.Reconyc.equk] [Troj/Zegost-GO] [Trojan.Reconyc] [Trojan.DownLoader15.58797]

Whois

Property	Value
Organization	史延坤
Email	shiyankun@foxmail.com
NameServer	ns2.myhostadmin.net

DNS Resolutions

Date	IP Address
2016-06-10	108.162.193.116 (ClassC)
2018-12-27	162.159.209.86 (ClassC)
2024-09-01	8.210.127.173 (ClassC)
2025-02-11	218.247.87.27 (ClassC)
2025-03-28	211.149.243.142 (ClassC)
2025-08-08	222.210.34.216 (ClassC)
2025-12-02	211.149.230.233 (ClassC)
2026-02-15	211.149.230.52 (ClassC)

Subdomains

Date	Domain	IP
www.ip123.com.cn	2019-09-07	172.247.93.29

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]