Domain > rush.edu

More information on this domain is in AlienVault OTX

Is this malicious?

Files that talk to rush.edu

MD5	A/V
c7bf064346fafe4fc55b43abcfe96b00	[HW32.CDB.E6f3] [Backdoor.Kelihos.r3] [Backdoor.Hlux!zUFIktBYK3s] [Kryptik.CCFN] [Backdoor.Win32.Hlux.djfw] [Trojan.Win32.S.PSW-Tepfer.835600.AM] [UnclassifiedMalware] [BackDoor.Slym.14049] [Mal/Kelihos-A] [Backdoor:Win32/Kelihos] [Trojan/Win32.Tepfer] [W32/Trojan.QQUO-1304] [Backdoor.Hlux] [Trojan.Crypt_s] [W32/Kryptik.BWUN!tr] [Crypt3.HUC] [Trojan.Win32.Kryptik.BZIX]
0b3871cee57208c860538b215d68b031	[HW32.CDB.E7e9] [Packed.Win32.Katusha.3!O] [Win32.Malware!Drop] [WS.Reputation.1] [Kryptik.CCFN] [Backdoor.Win32.Hlux.dtkk] [UnclassifiedMalware] [BackDoor.Slym.13011] [Trojan[Backdoor]/Win32.Hlux] [Trojan:Win32/Sisron] [Heur.Trojan.Hlux] [Win32/Kryptik.CBNK] [Trojan.Crypt3] [W32/Kryptik.BD!tr] [Crypt3.OIU] [Backdoor.Win32.Hlux.am]
3209b25b5988bb055d56e1b1e6382e40	[HW32.CDB.53d8] [Kryptik.CCFN] [Trojan-PSW.Win32.Tepfer.twjg] [Mal/FakeAV-UF] [TrojWare.Win32.Kryptik.CASU] [Trojan.Packed.26544] [Trojan[PSW]/Win32.Tepfer] [Backdoor:Win32/Kelihos] [Trojan/Win32.Tepfer] [W32/Trojan.ELDJ-0755] [Heur.Trojan.Hlux] [Win32/Kryptik.CASL] [Trojan.Crypt_s] [W32/Hlux.BWUN!tr.bdr] [Crypt_s.GPK] [Trojan.Win32.InfoStealer.As]
2625ca957f30c6fb439d6fb819b96e96	[HW32.CDB.0b76] [Packed.Win32.Katusha.3!O] [WS.Reputation.1] [Kryptik.CDQY] [Trojan.Win32.S.PSW-Tepfer.829456.AK] [UnclassifiedMalware] [Trojan.Packed.26581] [Win32.Malware!Drop] [Win32.Troj.Undef.(kcloud)] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [W32/Trojan.ZDOX-3335] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [W32/Kryptik.BD!tr] [Crypt_s.GNC]
b57bb4825aa1e4411b0bf7a45a466cae	[HW32.CDB.3aa8] [Trojan.Kelihos.ED]
c86f315b840f993b805369f3a29ba797	[HW32.CDB.9f50] [Packed.Win32.Katusha.3!O] [Crypt_s.GNC]
20837cfed9fcc3df5a3e414c18eff646	[Packed.Win32.Katusha.3!O] [WS.Reputation.1] [Kryptik.CDQY] [TrojWare.Win32.Kryptik.CBCJ] [BackDoor.Slym.13873] [Win32.Troj.Undef.(kcloud)] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [Crypt_s.GNC] [Trojan.Win32.Kryptik.CBCJ]
0d42b2efd88f95f4d5af60b548d7290a	[FraudTool.Security] [W32/Tepfer.MQ!tr] [Win32/Cryptor]
14b43203abd10b893244fc8ac8d5f531	[HW32.CDB.F55f] [Packed.Win32.Katusha.3!O] [WS.Reputation.1] [Kryptik.CDQY] [UnclassifiedMalware] [BackDoor.Slym.13873] [Win32.Troj.Undef.(kcloud)] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [W32/Kryptik.BD!tr] [Crypt_s.GNC] [Win32/Trojan.0de]
24a034d09222c5370365c4cdadde0f65	[HW32.CDB.Da0d] [Packed.Win32.Katusha.3!O] [Kryptik.CDQY] [TrojWare.Win32.Kryptik.CBCJ] [Trojan.Packed.26581] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [W32/Kryptik.BD!tr] [Crypt_s.GNC] [Trojan.Win32.Kryptik.CBCJ] [Win32/Trojan.0de]
fe734b28009c7dd5389f64d72722bb21
d6a71b4d3098eab4dddab30fddbaef35	[FakeSecTool-FCX!D6A71B4D3098] [Malware.Packer.FFS] [BackDoor.SlymENT.2075] [Heuristic.LooksLike.Win32.Suspicious.E] [PE:Malware.XPACK/RDM!5.1]

Whois

Property	Value
Email	univ_admins@rush.edu
Address	Rush University Medical Center 1653 W. Congress Parkway Chicago, IL 60612
NameServer	NS2.RUSH.EDU
Created	1993-04-22 00:00:00
Changed	2013-09-30 00:00:00
Expires	2015-07-31 00:00:00

DNS Resolutions

Date	IP Address
2012-06-23	144.74.60.151 (ClassC)
2014-04-04	144.74.60.21 (ClassC)
2014-04-25	144.74.60.151 (ClassC)
2024-05-17	52.87.69.102 (ClassC)
2025-06-01	3.233.48.238 (ClassC)

Port 80

Port 443

Subdomains

Date	Domain	IP
ns1.rush.edu	2025-05-17	144.74.60.112
NS2.RUSH.EDU	2025-05-18	144.74.60.244
catalog.rush.edu	2024-12-04	35.174.48.113
copleyvpn.rush.edu	2025-05-18	12.158.6.87
rushu.rush.edu	2025-05-17	3.233.48.238
www.rush.edu	2024-05-11	52.87.69.102

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]