Domain > qurl.qh-lb.com

More information on this domain is in AlienVault OTX

Reports

http://blog.malwaremustdie.org/2015/09/mmd-0042-20...    
https://otx.alienvault.com/pulse/55ef0d8a4637f26df...    

Files that talk to qurl.qh-lb.com


Whois

Property    Value
NameServer  NS3.QH-LB.COM
Created     2007-11-22 00:00:00
Changed     2015-04-17 00:00:00
Expires     2015-11-22 00:00:00
Registrar   GODADDY.COM, LLC

DNS Resolutions


Port 80

Subdomains

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others.



© Copyright 2019 AlienVault, Inc.