
IP > 58.64.153.157

This indicator is referenced in Alienvault OTX pulse ""

Is this malicious?

Most users have voted this as MALICIOUS

Reports

https://www.fireeye.com/blog/threat-research/2013/...    
https://www.fireeye.com/blog/threat-research/2014/...    

Malware


IP Whois

Property | Value
Location | Central District, Hong Kong
Country | Hong Kong

Reverse DNS


Data with thanks to AlienVault OTX, VirusTotal, Malwr and others.