Domain > xudashan.kmip.net

More information on this domain is in AlienVault OTX

Is this malicious?

Files that talk to xudashan.kmip.net

MD5	A/V
03ae5e251e76538c2b4e19abad01fa0f	[HW32.TsCabk.ucws] [Backdoor.Hupigon.40100] [Worm/W32.Runfer.716288] [Worm.Runfer.im] [Artemis!03AE5E251E76] [W32.W.Runfer] [W32/Runfer.im] [Worm.Runfer!aY5OoHQ1u3Q] [Suspicious.Graybird.1] [Hupigon.NKKT] [WORM_HUPIGON.CWB] [Worm.Win32.Runfer.im] [Backdoor.Hupigon.40100] [Trojan.Win32.Runfer.nsyh] [Worm.Win32.Runfer.716288.C] [Backdoor.Hupigon.40100] [Packed.Win32.Aspack.AB] [Backdoor.Hupigon.40100] [BackDoor.Huai.810] [WORM_HUPIGON.CWB] [Heuristic.LooksLike.Win32.Suspicious.F] [Worm/Runfer.yv] [Worm.Runfer.im.(kcloud)] [VirTool:Win32/Obfuscator.XY] [Backdoor.Hupigon.40100] [MalwareScope.Trojan-PSW.Game.16] [PE:Backdoor.Win32.ShangXing.kd!1075156462] [Trojan-PWS.Win32.QQPass] [Luhe.Fiha.A] [Trj/Thed.B] [Win32/Backdoor.Hupigon.f95]
991abf63c219458bd29ea50e352a34eb	[W32.Cloda56.Trojan.5238] [Backdoor.Hupigon.AXRD] [Worm/W32.Runfer.716288.B] [Worm.Runfer.il] [Artemis!991ABF63C219] [W32/Runfer.il] [Worm.Runfer!l/40O8lKOgU] [Suspicious.Graybird.1] [Hupigon.NMPS] [WORM_HUPIGON.CWB] [Worm.Win32.Runfer.il] [Backdoor.Hupigon.AXRD] [Trojan.Win32.Runfer.ntir] [Backdoor.Hupigon.AXRD] [Packed.Win32.Aspack.AB] [Backdoor.Hupigon.AXRD] [BackDoor.Huai.2056] [WORM_HUPIGON.CWB] [Heuristic.LooksLike.Win32.Suspicious.F] [Worm/Runfer.tw] [Worm.Runfer.im.(kcloud)] [VirTool:Win32/Obfuscator.XY] [Worm.Win32.Runfer.716288.B] [Backdoor.Hupigon.AXRD] [Backdoor/Win32.Hupigon] [MalwareScope.Trojan-PSW.Game.16] [Trj/Thed.B] [PE:Backdoor.Win32.ShangXing.kd!1075156462] [Trojan-PWS.Win32.QQPass] [Luhe.Fiha.A] [Worm.Win32.Runfer.AUg] [Win32/Backdoor.Hupigon.c7c]
bcccf195c1cea2b92c89bcfaa2f0b548	[W32.Clod87f.Trojan.cbca] [Worm.Runfer.ii] [Artemis!BCCCF195C1CE] [W32/Runfer.ii] [Worm.Runfer!u8VMcxpUtrI] [Suspicious.Graybird.1] [Smallworm.DFHX] [TSPY_ONLINEG.NXV] [Worm.Win32.Runfer.ii] [Trojan.Win32.Runfer.lsym] [Worm.Win32.Runfer.716288] [PE:Backdoor.Win32.ShangXing.kd!1075156462] [Packed.Win32.Aspack.AB] [BackDoor.Huai.2671] [TSPY_ONLINEG.NXV] [Heuristic.LooksLike.Win32.Suspicious.F] [Worm/Win32.AutoRun] [Worm.Runfer.im.(kcloud)] [TrojanDropper:Win32/Delfsnif.A] [Backdoor/Win32.Hupigon] [MalwareScope.Trojan-PSW.Game.16] [Worm.Win32.Runfer.ahZJ] [Trojan-PWS.Win32.QQPass] [Luhe.Fiha.A] [Trj/Thed.B]

Whois

Property	Value
Email	contact@privacyprotect.org
NameServer	DNS2.PARKING-PAGE.NET
Created	2003-05-28 00:00:00
Changed	2013-04-16 00:00:00
Expires	2018-05-28 00:00:00
Registrar	PDR LTD. D/B/A PUBLI

DNS Resolutions

Date	IP Address
2024-06-29	103.224.182.251 (ClassC)
2025-06-01	154.212.44.148 (ClassC)
2025-08-06	38.173.252.84 (ClassC)

Subdomains

Date	Domain	IP
ds2010.kmip.net	2014-10-08	208.91.197.7
netbotattacker02.kmip.net	2014-07-29	208.91.197.7
aishism555.kmip.net	2013-04-17	208.91.197.7
86873895.kmip.net	2013-04-17	208.91.197.7
yuanwei207.kmip.net	2014-09-18	208.91.197.7
alex2008.kmip.net	2014-12-17	208.91.197.7
wwwyyy7758.kmip.net	2014-08-17	208.91.197.7
googleupdate2009.kmip.net	2018-08-15	185.53.178.7
q278539.kmip.net	2024-07-06	103.224.182.251
51kb.kmip.net	2013-04-21	208.91.197.7
pvc.kmip.net	2024-07-05	103.224.182.251
creatfile.kmip.net	2014-11-19	208.91.197.7
yangxudong.kmip.net	2024-07-06	103.224.182.251
hebai.kmip.net	2025-05-20	154.212.44.148
999ok.kmip.net	2013-07-11	208.91.197.7
3-ll.kmip.net	2013-05-22	208.91.197.7
wxol.kmip.net	2024-07-02	103.224.182.251
135m.kmip.net	2014-09-10	208.91.197.7
51ibm.kmip.net	2024-07-05	103.224.182.251
xudashan.kmip.net	2024-06-29	103.224.182.251
1000qn.kmip.net	2025-06-02	154.212.44.148
1000qq.kmip.net	2025-06-02	154.212.44.148
linter.kmip.net	2014-06-20	208.91.197.7
haoddos.kmip.net	2024-04-05	170.178.183.18
sina-txt.kmip.net	2014-10-17	208.91.197.7
jjmmav.kmip.net	2014-09-13	208.91.197.7
1-ww.kmip.net	2024-06-24	103.224.182.251
mhxxx.kmip.net	2025-06-02	154.212.44.148
zlyjyzzy.kmip.net	2014-12-14	208.91.197.7

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]