Help RSS API Feed Maltego Contact                        

Domain > ria-ru.xicp.net

Welcome! Right click nodes and scroll the mouse to navigate the graph.
This indicator is referenced in AlienVault OTX pulse ""

Is this malicious?
Most users have voted this as MALICIOUS

Reports
https://otx.alienvault.com/pulse/56aa6c6e67db8c6aa...    
https://www.proofpoint.com/us/exploring-bergard-ol...    

Files that talk to ria-ru.xicp.net
MD5A/V
950c4074cf593ef87914d40bf1cfa3c7
2c7bad4f4a4df3025aa1345db27c7408[Trojan.MulDrop4.31630] [Win32/Korplug.AK] [W32/Korplug.AK] [SHeur4.BFFB] [Backdoor.Win32.Plugx] [Backdoor.Win32.Gulpix.rr] [Backdoor*Win32/Plugx.A] [Worm.Luder.Win32.168]

Whois
PropertyValue
Email [email protected]
NameServer NS2.EXHERA.COM
Created 2001-08-15 00:00:00
Changed 2014-03-28 00:00:00
Expires 2015-08-15 00:00:00
Registrar SHANGHAI BEST ORAY I

DNS Resolutions
DateIP Address
2014-05-2746.37.173.145 (ClassC)
2014-08-19176.9.194.126 (ClassC)
2016-04-14174.128.255.227 (ClassC)
2016-04-23116.29.173.161 (ClassC)
2016-05-05116.26.251.162 (ClassC)
2016-05-29183.55.34.151 (ClassC)
2016-06-24189.115.106.240 (ClassC)
2016-07-05191.33.197.235 (ClassC)
2016-07-12191.250.56.27 (ClassC)
2016-07-29131.221.56.112 (ClassC)
2016-08-03151.42.79.186 (ClassC)
2016-08-08131.221.58.131 (ClassC)
2016-08-16131.221.58.138 (ClassC)
2016-08-29151.42.94.232 (ClassC)
2016-09-01131.221.57.36 (ClassC)
2016-09-02151.42.121.163 (ClassC)
2016-09-24179.186.3.85 (ClassC)
2016-10-08151.42.143.13 (ClassC)
2016-10-11174.128.255.237 (ClassC)
2016-10-20131.221.56.47 (ClassC)
2016-10-27138.121.254.27 (ClassC)
2016-10-30131.221.59.4 (ClassC)
2016-12-01106.75.65.170 (ClassC)
2017-07-08106.75.65.187 (ClassC)
2018-06-22174.128.255.245 (ClassC)
2018-10-15174.128.255.240 (ClassC)
2019-05-19174.128.255.239 (ClassC)
2019-06-04174.128.255.241 (ClassC)
2019-06-17174.128.255.251 (ClassC)
2019-08-26174.128.255.228 (ClassC)
2021-01-19174.128.255.252 (ClassC)
2021-12-070.0.0.0 (ClassC)

Subdomains
DateDomainIP
430000.xicp.net2021-01-13174.128.255.252
jason0000.xicp.net2018-06-22174.128.255.245
kmad2000.xicp.net2014-12-17199.231.65.206
xuyeli2000.xicp.net2015-12-17180.102.101.87
dingzhaokun2000.xicp.net2016-04-01174.128.255.227
rachel25000.xicp.net2013-04-3050.117.115.89
guonaiming261100.xicp.net2013-04-2650.117.115.89
jmxyj1100.xicp.net2016-07-18131.221.56.112
zhangyin100.xicp.net2016-10-18123.119.215.80
zxc100200.xicp.net2016-02-05174.128.255.227
nantian400.xicp.net2016-06-29120.26.91.153
autop400.xicp.net2016-04-15174.128.255.227
q437548600.xicp.net2016-04-16174.128.255.227
admin100800.xicp.net2019-08-30108.178.51.125
a4221800.xicp.net2021-11-2961.174.40.202
a905768800.xicp.net2013-08-13183.136.132.177
yangrong00.xicp.net2016-04-19118.112.200.130
webserver00.xicp.net2013-09-20125.141.245.202
mo1010.xicp.net2015-06-05106.83.163.86
kaka2010.xicp.net2019-05-16174.128.255.241
qq8956010.xicp.net2016-01-28174.128.255.227
hangame779010.xicp.net2019-05-30174.128.255.241
lj74110.xicp.net2013-08-13183.136.132.177
sky6668588110.xicp.net2015-05-05182.112.17.225
riri110.xicp.net2016-03-26174.128.255.227
tb-210.xicp.net2016-08-16131.221.58.138
a7212210.xicp.net2021-11-24198.13.103.216
rxjh210.xicp.net2016-02-28174.128.255.227
shiyan7410.xicp.net2016-04-19183.53.192.97
yjawy510.xicp.net2021-01-13174.128.255.252
q1020804710.xicp.net2013-08-15183.136.132.177
scsc10.xicp.net2015-05-12174.128.255.227
njcj2020.xicp.net2015-08-22174.128.255.227
www2020.xicp.net2016-03-23174.128.255.227
lkcasy77880120.xicp.net2019-05-16174.128.255.241
jacker120.xicp.net2016-03-10174.128.255.227
momo6320.xicp.net2013-08-09183.136.132.177
suwei520520.xicp.net2019-05-08174.128.255.241
a3344520.xicp.net2016-05-18183.55.34.151
85208520.xicp.net2021-01-15174.128.255.252
szc520.xicp.net2016-02-29174.128.255.227
fei520.xicp.net2013-06-1350.117.115.90
mymail520.xicp.net2016-05-28113.119.186.30
jwl520.xicp.net2015-11-07115.28.156.119
chen520.xicp.net2013-04-2150.117.115.89
gesto520.xicp.net2021-01-18174.128.255.252
zs520.xicp.net2016-04-01174.128.255.227
lishushu520.xicp.net2019-05-30174.128.255.241
yyw520.xicp.net2013-06-11113.95.91.111
ledlight20.xicp.net2015-06-10163.142.212.117
kilo1230.xicp.net2021-11-29125.92.77.51
ww1230.xicp.net2016-01-22174.128.255.227
qq1120813330.xicp.net2013-06-0650.117.115.90
wei6936630.xicp.net2013-08-17183.136.132.177
sssss30.xicp.net2015-11-04119.131.71.19
aqvecphrat30.xicp.net2021-11-29118.45.228.79
qq1134613140.xicp.net2016-05-21183.55.34.151
a296886540.xicp.net2013-08-14183.136.132.177
a4152640.xicp.net2016-04-15174.128.255.227
upvxzhfhysd40.xicp.net2015-05-27220.79.171.79
bin51505150.xicp.net2021-01-18174.128.255.252
mkfqvban150.xicp.net2021-11-24101.250.108.107
84295950.xicp.net2021-01-14174.128.255.252
173731160.xicp.net2021-01-13174.128.255.252
q1542252160.xicp.net2013-04-22112.231.120.196
View on OTX | View on ThreatMiner








Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]



� Copyright 2019 AlienVault, Inc. | Legal| Status| Do Not Sell My Personal Information