
Domain > weishi.baidu.com

More information on this domain is in AlienVault OTX

Files that talk to weishi.baidu.com


Whois

Property      Value
Email         domainmaster@baidu.com
NameServer    NS2.BAIDU.COM
Created       1999-10-11 00:00:00
Changed       2013-10-14 00:00:00
Expires       2015-10-11 00:00:00
Registrar     MARKMONITOR INC.

DNS Resolutions


Port 443

Subdomains

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others.



© Copyright 2019 AlienVault, Inc.