Help RSS API Feed Maltego Contact                        

Domain > r-smtp5.korea.com

More information on this domain is in AlienVault OTX

Is this malicious?

Files that talk to r-smtp5.korea.com
MD5A/V
971d6821a96e8f41da919db02ebc60da[Malware.Packer.FFS] [Heuristic.LooksLike.Win32.Suspicious.E] [Trojan/Win32.Yakes] [W32/Kelihos.BCEB!tr]
4211b2d7121c11d5f032e6620030a384[HW32.CDB.Cd7e] [Packed.Win32.Katusha.3!O] [Hlux.ZY] [VirTool:Win32/Obfuscator.WT]
860dd245cbecd656df047b97456d0ad0[HW32.CDB.9069] [Malware.Packer.FFS] [Heuristic.LooksLike.Win32.Suspicious.E] [PE:Malware.AntiWare!1.9D9B] [W32/Kelihos.KK@mm]
315325f544912a68464bf38e3edf6371[HW32.CDB.9e5e] [Backdoor/W32.Hlux.829456.H] [Packed.Win32.Katusha.3!O] [Backdoor.Hlux.r3] [Backdoor.Hlux!aauIqdu764w] [Trojan.FakeAV] [Kryptik.CDQY] [Backdoor.Win32.Hlux.dqyy] [Win32.Backdoor.Hlux.Lhdb] [UnclassifiedMalware] [Trojan.Packed.26581] [Win32.Hack.Hlux.dq.(kcloud)] [Backdoor:Win32/Kelihos.F] [Backdoor.Hlux] [Trojan.Crypt_s] [W32/Kryptik.BWUN!tr] [Crypt_s.GNC] [Backdoor.Win32.Hlux.aZvR] [Win32/Trojan.337]
d38a3646d932d062528aea48d2122315
2db060643b02ebffce2e3957e0b47311[Packed.Win32.Katusha.3!O] [Backdoor.Hlux!w7qQeHPCTX8] [WS.Reputation.1] [Kryptik.CCFN] [Backdoor.Win32.Hlux.dsut] [BackDoor.Slym.13011] [Trojan[Backdoor]/Win32.Hlux] [VirTool:Win32/Obfuscator.WT] [Heur.Trojan.Hlux] [Win32/Kryptik.CBNK] [Trojan.Crypt_s] [W32/Kryptik.DJH!tr] [Crypt_s.GNC] [Backdoor.Win32.Hlux.ABwI] [Win32/Trojan.337]
0dd56a0b8ea7bedb57cebf9aacdac40f[Malware.Packer.HGX1] [Heuristic.BehavesLike.Win32.Suspicious-BAY.G] [W32/Kryptik.AXUE!tr]
14bfd82cc98684fb9c3e91971d2490b1[HW32.CDB.Eb32] [Packed.Win32.Katusha.3!O] [WS.Reputation.1] [Kryptik.CDQY] [UnclassifiedMalware] [BackDoor.Slym.13873] [Win32.Troj.Undef.(kcloud)] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Trojan.Win32.Kryptik.CBCJ] [Trojan.Crypt_s] [W32/Kryptik.BD!tr] [Crypt_s.GNC]
17124a0c3ffde1fd0de7168990278c06[HW32.CDB.439f] [Packed.Win32.Katusha.3!O] [WS.Reputation.1] [Kryptik.CDQY] [TrojWare.Win32.Kryptik.CBCJ] [BackDoor.Slym.13873] [Win32.Troj.Undef.(kcloud)] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [W32/Trojan.DNNY-5917] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [Crypt_s.GNC] [Trojan.Win32.Kryptik.CBCJ]
3ff79e59f23983931c7f8b78ff705df1[HW32.CDB.6c99] [Kryptik.CCFN] [Win32/Kelihos.SeNdHLB] [Backdoor.Win32.Hlux.dlkp] [Backdoor.Hlux!oUNizOsy5vo] [TrojWare.Win32.Kryptik.CASU] [Trojan.Packed.26544] [Trojan[Backdoor]/Win32.Hlux] [Backdoor:Win32/Kelihos] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Backdoor.Win32.Hlux.At] [Trojan-Downloader.Win32.Waledac] [W32/Hlux.AGWI!tr] [Win32/Trojan.337]
2bb1e0a0c6f6082824d6fd9d4095bcd0[Malware.Packer.SCD] [Heuristic.LooksLike.Win32.Suspicious.E] [W32/Kryptik.BDPK!tr]
14b43203abd10b893244fc8ac8d5f531[HW32.CDB.F55f] [Packed.Win32.Katusha.3!O] [WS.Reputation.1] [Kryptik.CDQY] [UnclassifiedMalware] [BackDoor.Slym.13873] [Win32.Troj.Undef.(kcloud)] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [W32/Kryptik.BD!tr] [Crypt_s.GNC] [Win32/Trojan.0de]
1ca8bda50d98c89332d39dbaf3aac976[HW32.CDB.29c0] [Packed.Win32.Katusha.3!O] [Trojan.Win32.Kryptik.cxmkag] [WS.Reputation.1] [Kryptik.CDQY] [TrojWare.Win32.Kryptik.CBCJ] [BackDoor.Slym.13873] [Win32.Troj.Undef.(kcloud)] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [Crypt_s.GNC]
e4fce69c0e2f36d514460974b8becdfa[Malware.Packer.FFS] [Heuristic.LooksLike.Win32.Suspicious.E] [Trojan/Win32.Yakes] [W32/Kelihos.BCEB!tr]
14a2291e48bd02b528d0c018fee03e86[HW32.CDB.A3eb] [Packed.Win32.Katusha.3!O] [WS.Reputation.1] [Kryptik.CDQY] [TrojWare.Win32.Kryptik.CBCJ] [Trojan.Packed.26581] [Win32.Troj.Undef.(kcloud)] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [W32/Trojan.XULT-7356] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [W32/Kryptik.CBCJ!tr] [Crypt_s.GNC]
0f85c93f59bf57bcc7573e7f8e373c21[HW32.CDB.47eb] [Backdoor.Hlux.r3] [Backdoor.Hlux!kSgAszTjhZg] [Kryptik.CCFN] [Backdoor.Win32.Hlux.dmru] [Trojan.Win32.Hlux.cwzljo] [Mal/FakeAV-UF] [BackDoor.Slym.13348] [Heuristic.LooksLike.Win32.Suspicious.E] [Trojan[Backdoor]/Win32.Hlux] [Backdoor:Win32/Kelihos] [W32/Trojan.VZXF-1556] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Win32/Kryptik.CASL] [Trojan.Crypt_s] [W32/Hlux.BWUN!tr.bdr] [Trojan.Win32.Kryptik.CASL]

Whois
PropertyValue
Email law@daesung.com
NameServer NS1.KOREA.COM
Created 1995-01-07 00:00:00
Changed 2014-05-09 00:00:00
Expires 2024-01-06 00:00:00
Registrar GABIA, INC.

DNS Resolutions
DateIP Address
2013-12-02119.205.212.220 (ClassC)
2026-03-01119.205.212.219 (ClassC)

Subdomains
DateDomainIP
mbox10.korea.com2025-12-04119.205.212.139
mbox01.korea.com2025-11-21119.205.212.130
mbox11.korea.com2026-02-15119.205.212.140
NS1.KOREA.COM2026-02-25119.205.214.75
mbox03.korea.com2026-02-19119.205.212.132
mbox13.korea.com2025-11-18119.205.212.142
mbox33.korea.com2025-11-22119.205.212.162
r-smtp3.korea.com2014-06-18119.205.212.220
mbox04.korea.com2025-11-21119.205.212.133
mbox14.korea.com2026-02-13119.205.212.143
r-smtp4.korea.com2013-05-16119.205.212.220
mbox05.korea.com2026-02-12119.205.212.134
r-smtp5.korea.com2013-12-02119.205.212.220
mbox06.korea.com2026-02-09119.205.212.135
r-smtp6.korea.com2013-05-16119.205.212.220
mbox07.korea.com2026-02-09119.205.212.136
mbox37.korea.com2026-02-11119.205.212.166
mbox08.korea.com2026-02-08119.205.212.137
mbox28.korea.com2025-12-27119.205.212.157
mbox19.korea.com2026-02-13119.205.212.148
raskb.korea.com2025-12-11119.205.214.223
ad.korea.com2025-11-13119.205.213.221
id.korea.com2026-02-18119.205.214.115
alime.korea.com2025-07-04119.205.213.60
premium.korea.com2026-02-13119.205.213.227
en.korea.com2026-02-04119.205.213.217
wwn.korea.com2025-12-12119.205.213.227
mailup.korea.com2025-11-21119.205.212.190
register.korea.com2026-02-04119.205.213.227
www.korea.com2025-06-28119.205.213.91
energy.korea.com2025-08-2127.0.236.139
View on OTX | View on ThreatMiner








Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]



� Copyright 2019 AlienVault, Inc. | Legal| Status| Do Not Sell My Personal Information