Domain > tgp.my

More information on this domain is in AlienVault OTX

Files that talk to tgp.my

MD5	A/V
ea2d03fe41db2ff3e5b29c1a08c84217	[TR/Crypt.ZPACK.125365] [TrojanRansom.Crowti.A4] [Win32/Kryptik.CWZM] [W32/Kryptik.CXBS!tr] [Crypt3.BXSF] [Trojan.Win32.Crypt] [RansomWin32/Crowti.ATrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
1de86948dd9570631ecdefe9b5996847	[TR/Crypt.Xpack.138415] [Win32/Tnega.cKUZYdD] [Win32/Kryptik.DAVX] [W32/Kryptik.CWSU!tr] [Crypt3.BWMP] [Trojan.Win32.Crypt] [Ransom-FWE!1DE86948DD95] [RansomWin32/CrowtiTrojan*Win32/Fleercivet.D] [Mal/Wonton-Z] [Trojan.Asprox.B]
829cd977ecb35878443c0cbb2dd2af35	[TR/Crypt.Xpack.139927] [Win32/Tnega.UDAVCWB] [TrojanRansom.Crowti.A4] [Win32/Kryptik.CWTY] [W32/Kryptik.CXBS!tr] [Win32/Cryptor] [Trojan.Win32.Crypt] [Ransom-FWF!829CD977ECB3] [RansomWin32/Crowti.ATrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
5e79c6c2ce384ce40b680586d0c98a32	[TR/Crypt.Xpack.139709] [Win32/Tnega.IBAaLb] [Trojan.Betabot.3] [Win32/Kryptik.CWSU] [W32/Kryptik.CWSU!tr] [Win32/Cryptor] [Trojan.Win32.Crypt] [Ransom-FWG!5E79C6C2CE38] [RansomWin32/CrowtiTrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
1013486c1a4c4b60de39fe804c1c6bba	[TR/Crypt.Xpack.139709] [Win32/Tnega.IBAaLb] [Win32/Kryptik.CWSU] [W32/Kryptik.CWSU!tr] [Win32/Cryptor] [Trojan.Win32.Crypt] [Ransom-FWG!1013486C1A4C] [RansomWin32/CrowtiTrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
9f683591b7b156f44c902776a0d75f03	[TR/Crypt.Xpack.139709] [Win32/Tnega.IBAaLb] [Win32/Kryptik.CWSU] [W32/Kryptik.CWSU!tr] [Win32/Cryptor] [Trojan.Win32.Crypt] [Ransom-FWG!9F683591B7B1] [RansomWin32/CrowtiTrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
b57261e61e1593d2db3e4ee8d5a67a22	[TR/Crypt.Xpack.139927] [Win32/Tnega.UDAVCWB] [TrojanRansom.Crowti.A4] [Win32/Kryptik.CWTY] [W32/Kryptik.CXBS!tr] [Win32/Cryptor] [Trojan.Win32.Crypt] [Ransom-FWF!B57261E61E15] [RansomWin32/Crowti.ATrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
fc7ce2f21e8366b9c671241a3cf5195c	[TR/Crypt.Xpack.138415] [Win32/Tnega.cKUZYdD] [Win32/Kryptik.DAVX] [W32/Kryptik.CWSU!tr] [Crypt3.BWMP] [Trojan.Win32.Crypt] [Ransom-FWE!FC7CE2F21E83] [RansomWin32/CrowtiTrojan*Win32/Fleercivet.D] [Mal/Wonton-Z] [Trojan.Asprox.B]
a27a377c673b0d9cf709cc413924037c	[TR/Crypt.ZPACK.125052] [TrojanRansom.Crowti.A4] [Trojan.Encoder.514] [Win32/Kryptik.CWWK] [W32/Kryptik.CXFI!tr] [Crypt3.BXBZ] [Trojan.Crypt] [RansomWin32/Crowti.ATrojan*Win32/Fleercivet.D] [Infostealer.Limitail]
8a50a392b230b67e6e5e0f7002bdbff0	[TR/Crypt.Xpack.138415] [Win32/Tnega.cKUZYdD] [Trojan.DownLoad3.35619] [Win32/Kryptik.DAVX] [W32/Kryptik.CWSU!tr] [Crypt3.BWMP] [Trojan.Win32.Crypt] [Ransom-FWE!8A50A392B230] [RansomWin32/CrowtiTrojan*Win32/Fleercivet.D] [Mal/Wonton-Z] [Trojan.Asprox.B]
bed8dbc8379dd8294e74582a82544676	[TR/Crypt.Xpack.139709] [Win32/Tnega.IBAaLb] [Win32/Kryptik.CWSU] [W32/Kryptik.CWSU!tr] [Win32/Cryptor] [Trojan.Win32.Crypt] [Ransom-FWG!BED8DBC8379D] [RansomWin32/CrowtiTrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
ca51840439d19e70001c4e8038b7c102	[TR/Crypt.Xpack.139709] [Win32/Tnega.IBAaLb] [Win32/Kryptik.CWSU] [W32/Kryptik.CWSU!tr] [Win32/Cryptor] [Trojan.Win32.Crypt] [Ransom-FWG!CA51840439D1] [RansomWin32/CrowtiTrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
f6ce84c87e4b438380a58d64291cd085	[TR/Crypt.ZPACK.125365] [TrojanRansom.Crowti.A4] [Trojan.Packed.18626] [Win32/Kryptik.CWZM] [W32/Kryptik.CXBS!tr] [Crypt3.BXSF] [Trojan.Win32.Crypt] [RansomWin32/Crowti.ATrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
ed526538cfac7e20609543542bc87c50	[TR/Crypt.Xpack.140093] [Win32/Tnega.dHROTLB] [Win32/Kryptik.CWSU] [W32/Kryptik.CWSU!tr] [Win32/Cryptor] [Trojan.Win32.Crypt] [Ransom-FWG!ED526538CFAC] [RansomWin32/Crowti.ATrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
3a7725cdc51fcaed2ea79816c9508be8	[TR/Crypt.Xpack.139709] [Win32/Tnega.IBAaLb] [Win32/Kryptik.CWSU] [W32/Kryptik.CWSU!tr] [Win32/Cryptor] [Trojan.Win32.Crypt] [Ransom-FWG!3A7725CDC51F] [RansomWin32/CrowtiTrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
3a123f4ffa8e3444d5046ef87f9b3fcc	[TR/Crypt.Xpack.139709] [Win32/Tnega.IBAaLb] [Win32/Kryptik.CWSU] [W32/Kryptik.CWSU!tr] [Win32/Cryptor] [Trojan.Win32.Crypt] [Ransom-FWG!3A123F4FFA8E] [RansomWin32/CrowtiTrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
364cbd68607560ec8ce1e8576663c148	[TR/Crypt.Xpack.140093] [Win32/Tnega.dHROTLB] [Trojan.Betabot.3] [Win32/Kryptik.CWSU] [W32/Kryptik.CWSU!tr] [Win32/Cryptor] [Trojan.Win32.Crypt] [Ransom-FWG!364CBD686075] [RansomWin32/Crowti.ATrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
dfa43a8d13e770ced160e0072276e2d2	[TR/Crypt.Xpack.139927] [Win32/Tnega.UDAVCWB] [TrojanRansom.Crowti.A4] [Win32/Kryptik.CWTY] [W32/Kryptik.CXBS!tr] [Win32/Cryptor] [Trojan.Win32.Crypt] [Ransom-FWF!DFA43A8D13E7] [RansomWin32/Crowti.ATrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
52c45a8819c5866376a00c02f2daa456	[TR/Crypt.Xpack.140093] [Win32/Tnega.dHROTLB] [Win32/Kryptik.CWSU] [W32/Kryptik.CWSU!tr] [Win32/Cryptor] [Trojan.Win32.Crypt] [Ransom-FWG!52C45A8819C5] [RansomWin32/Crowti.ATrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]
6ff4b218854da7a753913390d449b4b0	[TR/Crypt.ZPACK.124067] [Win32/Crowti.MOeMUd] [TrojanRansom.Crowti.A4] [W32/Kryptik.CXBS!tr] [Win32/Cryptor] [Ransom-FWF!6FF4B218854D] [RansomWin32/Crowti.ATrojan*Win32/Fleercivet.D] [Mal/Wonton-AN] [Trojan.Asprox.B]

Whois

Property	Value
Email	domreg@firstonline.net

DNS Resolutions

Date	IP Address
2015-03-08	119.110.109.36 (ClassC)
2025-08-08	104.152.168.30 (ClassC)

HTTP/1.1 200 OKConnection: Keep-AliveKeep-Alive: timeout5, max100x-powered-by: PHP/7.4.33set-cookie: super_sessionca17e0ca874da47ac247e6f8bc5a58f2%7C%7C1689845703%7C%7C1689845343; expiresThu, 20-Jul-2

!DOCTYPE html>html langen-US>head>	meta charsetUTF-8 />meta http-equivX-UA-Compatible contentIEedge>	link relpingback hrefhttps://tgp.my/xmlrpc.php />	script typetext/javascript>		document.documentElement.className  js;	/script>		script>var et_site_urlhttps://tgp.my;var et_post_id49741;function et_core_page_resource_fallback(a,b){undefinedtypeof b&&(ba.sheet.cssRules&&0a.sheet.cssRules.length);b&&(a.onerrornull,a.onloadnull,a.href?a.hrefet_site_url+/?et_core_page_resource+a.id+et_post_id:a.src&&(a.srcet_site_url+/?et_core_page_resource+a.id+et_post_id))}/script>title>TGP Group | Johor Bahru, Malaysia Property | Interior Design | Property Management/title>meta namerobots contentmax-image-preview:large />link reldns-prefetch href//fonts.googleapis.com />link reldns-prefetch href//s.w.org />link relalternate typeapplication/rss+xml titleTGP Group » Feed hrefhttps://tgp.my/feed/ />link relalternate typeapplication/rss+xml titleTGP Group » Comments Feed hrefhttps://tgp.my/comments/feed/ />		script typetext/javascript>			window._wpemojiSettings  {baseUrl:https://s.w.org/images/core/emoji/13.0.1/72x72/,ext:.png,svgUrl:https://s.w.org/images/core/emoji/13.0.1/svg/,svgExt:.svg,source:{concatemoji:https://tgp.my/wp-includes/js/wp-emoji-release.min.js?ver5.7.9}};			!function(e,a,t){var n,r,o,ia.createElement(canvas),pi.getContext&&i.getContext(2d);function s(e,t){var aString.fromCharCode;p.clearRect(0,0,i.width,i.height),p.fillText(a.apply(this,e),0,0);ei.toDataURL();return p.clearRect(0,0,i.width,i.height),p.fillText(a.apply(this,t),0,0),ei.toDataURL()}function c(e){var ta.createElement(script);t.srce,t.defert.typetext/javascript,a.getElementsByTagName(head)0.appendChild(t)}for(oArray(flag,emoji),t.supports{everything:!0,everythingExceptFlag:!0},r0;ro.length;r++)t.supportsorfunction(e){if(!p||!p.fillText)return!1;switch(p.textBaselinetop,p.font600 32px Arial,e){caseflag:return s(127987,65039,8205,9895,65039,127987,65039,8203,9895,65039)?!1:!s(55356,56826,55356,56819,55356,56826,8203,55356,56819)&&!s(55356,57332

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > tgp.my

Is this malicious?

Files that talk to tgp.my

Whois

DNS Resolutions

Port 443