Domain > mail.lasmail.com

This indicator is referenced in AlienVault OTX pulse ""

Is this malicious?

Most users have voted this as MALICIOUS

Reports

http://www.tcrc.edu.tw/cert/20111215.xlsx    
http://www.trendmicro.com/cloud-content/us/pdfs/se...    

Files that talk to mail.lasmail.com

MD5 | A/V
ee3ac02b6ca3d6c9012604d71017058f | [Trojan.Enfal-95]
22caf76a780c54ddce7fa139100fa54e | [W32.Clod413.Trojan.52f8] [W32/AutoRun.bnkp] [Trojan.Win32.AutoRun.rmwwr] [W32/MalwareF.RLNP] [W32.IRCBot] [Smallworm.CTPQ] [malicious] [WORM_SAMSA.O] [Worm.Autorun-4464] [Worm.AutoRun!p6GHqTa2Aps] [Worm.Win32.Autorun.53248.T] [UnclassifiedMalware] [Backdoor:W32/Enfal.K] [Win32.HLLW.Autoruner.63850] [TR/Spy.53248.535] [W32/Autorun-BIQ] [Worm/AutoRun.aeev] [Worm.Autorun.(kcloud)] [W32/Risk.MDQE-5348] [Trojan-Downloader.Small.0869] [Backdoor.Win32.Meciv] [W32/AutoRun.BNKP!worm] [Win32/DH{ICVkA2EIWGdigQEiWw}]
ad92cbb5e3522fc4bfc15732284020d0 | [W32.Clod524.Trojan.3a06] [Artemis!AD92CBB5E352] [Pucedoor.A] [Win32/FakeDoc_i] [Trojan.Enfal-11] [UnclassifiedMalware] [Trojan.MulDrop1.40578] [Mal/Luiha-C] [Backdoor:Win32/Meciv.A] [W32/Trojan.IPQK-6712] [Win32/Pucedoor.A] [PE:Malware.FakeDOC@CV!1.9C3C] [Trojan.Win32.Dropper.aDA]
8F65204D8440B7BE2B52908E35D19124 |
d84ecca01839642a27d29f885b885ff1 | [W32.Clod8a8.Trojan.5e54] [Artemis!D84ECCA01839] [Trojan/Pucedoor.a] [Backdoor.Meciv] [Pucedoor.A] [Trojan.Enfal-30] [Trojan.Pucedoor!rsFayrTkM90] [UnclassifiedMalware] [BKDR_MECIV.SME] [Troj/Luiha-BT] [Backdoor:Win32/Meciv.A] [Win-Trojan/Dynamer.114948] [Virus.Win32.Part.b] [W32/Pucedoor.A!tr] [Win32/Trojan.BO.c8b] [HEUR/Malware] [Backdoor*Win32/Meciv.A]
2944e486b252112720098860a91788e0 | [Dropper!dnv] [Trojan.Enfal-11] [W32.Clodd62.Trojan.674d] [Pucedoor.A] [Win32/FakeDoc_i] [Mal/Luiha-C] [UnclassifiedMalware] [Trojan.MulDrop1.40578] [TR/Spy.194516] [Backdoor:Win32/Meciv.A] [Win32/Pucedoor.A] [PE:Malware.FakeDOC@CV!1.9C3C] [Trojan.Win32.Dropper.aX]

Whois

Property | Value
Email | admin@newvcorp.com
NameServer | NS2626.ZTOMY.COM
Created | 2014-01-20 00:00:00
Changed | 2014-08-29 00:00:00
Expires | 2015-01-20 00:00:00
Registrar | ALLWORLDNAMES.COM LL

DNS Resolutions


Port 80

Subdomains

Domain | Date | IP
mail.lasmail.com | 2014-12-13 | 204.11.56.26
help.lasmail.com | 2014-12-13 | 204.11.56.26
bbs.lasmail.com | 2014-04-09 | 141.8.225.62
chat.lasmail.com | 2013-04-01 | 63.149.176.12
Data with thanks to AlienVault OTX, VirusTotal, Malwr and others.



© Copyright 2019 AlienVault, Inc.