Domain > xx.ka3ek.com

More information on this domain is in AlienVault OTX

Is this malicious?

Files that talk to xx.ka3ek.com

MD5	A/V
934798206ff93b4a1f3050df910dccaa	[W32.Virut.D] [W32/Virut] [W32/Virut.10640.B] [W32.Virut.U] [W32/Virut.P] [Win32:Virut] [Win32.Virut.q] [Virus.Win32.Virut.q] [Win32.Virut.5] [W32/Virut.V] [PE_VIRUT.XP-4] [W32/Vetor-A] [Win32/Virut.10639.B] [Suspicious] [Win32.Virut.V] [Virus:Win32/Virut.AE] [Win32.Virut.M] [Win32/Virut.D] [W32/MetaCrypt.1] [BackDoor.RBot.KB]
01d2eef7dc13a72deef1833028f4db9e	[W32.IsassSC1.Trojan] [Backdoor.Vanbot.FK] [W32.Virut.D] [Downloader-BZB] [W32/Kolab.lnl] [W32/Kolab.F] [W32.IRCBot] [Obfuscated_FA] [Win32/Linkbot.UD] [WORM_SDBOT.BVF] [Win32:Virut] [Virus.Win32.Virut.n] [Win32.Virut.D] [Virus.Win32.Virut.q] [Win32.Virut.5] [Worm.Kolabc.Win32.242] [Heuristic.LooksLike.Win32.Suspicious.C] [Mal/Packer] [Worm/Kolabc.mu] [Win32.Virut.n.2600] [Virus:Win32/Virut.AK] [Win32/Kolabc.worm.72192.H] [W32/Kolab.UGPA-8377] [Backdoor.VanBot.pf] [W32/Virutas.G.dam] [Win32/Virut.E] [PE:Backdoor.Win32.IRCbot.wyw!1075186899] [Backdoor.Win32.Rbot] [W32/Virut.EPO] [BackDoor.RBot.KB]
1a4be9574eb292e9b27bbc18df993f9a	[Virus/W32.Virut.K] [W32.Virut.Z] [W32/Virut.av] [Virus.Win32.Virut.av] [Win32/Virut.AV] [W32/Trojan2.JFBB] [Riskware.Win32.DelfInject!IK] [W32/Smalltroj.dam] [Win32:Virtob] [Win32.Virut.Ax] [W32.Virut-54] [Backdoor.Bot.109658] [Heur.Packed.Unknown] [BackDoor.IRC.Sdbot.5190] [W32/Virut.AX] [PE_VIRUT.AV] [Heuristic.LooksLike.Trojan.Drop.C] [W32/Virut-W] [Win32/Virut.7115] [W32/Virut.7116] [Win32/Virut.af] [W32.Virut.W] [Virus:Win32/Virut.AC] [Win32.Virut.S] [Win32/Virut.B] [Virus.Win32.Virut.2] [Trojan.Win32.DelfInject.ba] [VirTool.Win32.DelfInject] [W32/Virut.AV] [Win32/Virut] [W32/Virutas.FG]
26d07686defbc174af107a7e3a7c01c6	[W32/Virutas.FG] [Virus/W32.Virut.K] [W32.Virut.Z] [Virus.Win32.Virut.av] [W32/Virut.av] [Worm.Poebot.PV] [Win32/Virut.AV] [W32/Virut.7116] [W32.Virut.W] [W32/Virut.AG] [Win32:Virtob] [Win32.BackDoor.RBot.] [W32.Virut-17] [Trojan.Packed.162] [W32/Virut.AX] [PE_VIRUT.AV] [W32/Virut-W] [Win32/Virut.7115] [Packer.RLPack!IK] [Win32.Virut.AX] [Virus:Win32/Virut.AC] [Win32.Virut.S] [Win32/Virut.B] [Virus.Win32.Virut.2] [Win32.Virut.an] [Packer.RLPack] [W32/Virut.AV] [BackDoor.RBot.KB]
3c42ff7faf1a99665afe2acaddbbcb79	[W32.Clodb50.Trojan.72ed] [Backdoor.Bot.101446] [W32/Kolabc.abv] [Trojan.Win32.VanBot.wzrl] [W32/Trojan.BWZZ] [Malware.AULA] [Win32/Linkbot.MI] [Net-Worm.Win32.Kolabc.abv] [Packed/NiceProtect] [Backdoor.Win32.VanBot.129536] [Backdoor.Win32.Poebot] [BackDoor.IRC.Sdbot.2665] [Heuristic.BehavesLike.Win32.Suspicious-BAY.K] [Mal/EncPk-AF] [Backdoor/VanBot.fr] [Worm.Kolabc.(kcloud)] [Backdoor:Win32/Poebot] [W32/Trojan.TRYP-3696] [Virus.Win32.Heur.d] [Worm.Kolab] [Worm.Win32.Kolabc.AqN] [Win32/Poebot] [PE:Backdoor.Win32.VanBot.dm!1074926267] [BackDoor.RBot.BI]
74d34e6cf2a5995b94fca00b1bb55ea2	[W32.Clode7d.Trojan.eccf] [Backdoor.SDBot.DFOO] [I-Worm.Kolabc.aho] [W32/Sdbot.worm] [W32/Kolabc.aho] [Exploit.ShellCode.AF] [W32.IRCBot] [Obfuscated_FA] [Win32/Linkbot.WJ] [WORM_RBOT.AIM] [Trojan.Win32.Kolabc.orui] [Backdoor.Win32.S.Rbot.77969] [Mal/EncPk-EY] [NetWorm.Win32.Kolabc.aho] [BackDoor.IRC.Sdbot.2665] [Heuristic.BehavesLike.Win32.Suspicious-BAY.K] [Backdoor/Nepoe.af] [Win32.Virut.ce.57344] [Win-Trojan/Xema.variant] [Worm.Win32.Kolabc.acYK] [PE:Backdoor.Win32.SdBot.qso!1075124936] [Virus.Win32.Virut] [Klone] [Trj/CI.A]

Whois

Property	Value
NameServer	NS2.SUSPENDED-FOR.SPAM-AND-ABUSE.COM
Created	2014-06-10 00:00:00
Changed	2015-07-22 00:00:00
Expires	2015-06-10 00:00:00
Registrar	GODADDY.COM, LLC

DNS Resolutions

Date	IP Address
2013-08-15	107.20.206.69 (ClassC)
2014-07-22	142.4.199.202 (ClassC)
2019-07-21	207.21.193.22 (ClassC)
2020-12-31	35.186.238.101 (ClassC)
2023-07-16	162.214.200.183 (ClassC)
2025-05-09	13.248.169.48 (ClassC)
2025-08-11	76.223.54.146 (ClassC)

Port 80

Subdomains

Date	Domain	IP
dd.ka3ek.com	2013-04-20	107.20.206.69
ffff.ka3ek.com	2013-11-18	107.20.206.69
dl.ka3ek.com	2013-04-20	107.20.206.69
ss.ka3ek.com	2014-07-25	142.4.199.202
xx.ka3ek.com	2014-07-22	142.4.199.202

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]