Domain > lemex.ru

Welcome! Right click nodes and scroll the mouse to navigate the graph.

More information on this domain is in AlienVault OTX

DNS Resolutions

Date	IP Address
2013-04-18	89.208.193.251 (ClassC)
2014-06-17	95.163.165.43 (ClassC)
2025-01-17	188.191.162.80 (ClassC)

Port 80

HTTP/1.1 200 OKCache-Control: max-age31536000Connection: Keep-AliveContent-Length: 2723Content-Type: text/htmlDate: Thu, 26 Dec 2024 00:54:16 GMTExpires: Fri, 26 Dec 2025 00:54:16 GMTX-Frame-Options:

!doctype html>html langen>meta charsetutf-8>link relicon href/favicon.png>link relicon href/favicon.svg>title>RouterOS/title>style>body {    font-family: Verdana, Geneva, sans-serif;    font-size: 11px;}img {border: none}img:hover {opacity: 0.8;}h1 {    font-size: 1.7em;    display: inline;    margin-bottom: 10px;}#container {    width: 70%;    margin: 10% auto;}#box {    background: linear-gradient(#ffffff,#f3f3f3);    border: 1px solid #c1c1c1;    padding: 30px;}.floater {float: left; margin-right: 10px;}.floater label {display: block; text-align: center;}#login {margin: 2em 0 2em 0;}#login td {padding: 0 4px 0 0;}#login td.label {text-align: right;}#login input {    margin: 2px;    padding: 2px;    border: 1px solid #888;    box-shadow: 1px 1px 3px rgba(0,0,0,0.3);}#error {    color:red;    padding: 1em 0 0 0;}#login inputtypesubmit {    box-shadow:inset 0px 1px 0px 0px #ffffff;    background-color:#ededed;    border-radius:3px;    border:1px solid #dcdcdc;    cursor:pointer;    color:#000;    font-size:12px;    padding:4px 24px;}#login inputtypesubmit:hover {    background-color:#dfdfdf;}#login inputtypesubmit:active {    position:relative;    top:1px;}/style>script srcscript.js>/script>div idcontainer>div idbox>a hrefhttps://mikrotik.com>img srcmikrotik_logo.png stylefloat: right; altMikrotik>/a>br styleclear: both;>h1>RouterOS/h1>p>You have connected to a router. Administrative access only. If this device is not in your possession, please contact your local network administrator./p>form idlogin>table>    tr>td classlabel>label forname>Login:/label>        td>input idname autocompleteusername typetext data-defaultuseradmin>    tr>td classlabel>label forpassword>Password:/label>        td>input idpassword typepassword autofocus>        td>input typesubmit valueLogin>        td>    tr>td colspan3>    div iderror>/div>/table>/form>div>    div classfloater>a hrefhttps://mt.lv/winbox64>img srcwinbox.png altWinbox>/a>br>label>Winbox/label>/div>    div classfloater>a href/graphs>img srcgreen.png altGraphs>/a>br>lab

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

MD5	A/V
5ea646ffdc1e9bc7759fdfc926de7660	[PWS-FASY!5EA646FFDC1E] [Malware.Packer.EGX7] [Password-Stealer] [Trojan] [Hlux.XD] [Trojan-PSW.Win32.Tepfer.ijnk] [BackDoor.Slym.1498] [TR/Rogue.14575.23] [Heuristic.BehavesLike.Win32.Suspicious-BAY.G] [Troj/Tepfer-Q] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Foreign] [HeurEngine.MaliciousPacker] [Win32/Kelihos.F] [Trojan-PWS.Win32.Tepfer] [W32/Kryptik.X!tr] [Trj/Tepfer.B]
c86f315b840f993b805369f3a29ba797	[HW32.CDB.9f50] [Packed.Win32.Katusha.3!O] [Crypt_s.GNC]

Domain > lemex.ru

Is this malicious?

Files that talk to lemex.ru

DNS Resolutions

Port 80