Help RSS API Feed Maltego Contact                        

Domain > duckdns.com

More information on this domain is in AlienVault OTX

Is this malicious?

Files that talk to duckdns.com
MD5A/V
02dc5a2e0d34916a4fb37b7dace178bb[BKDR_FYNLOS.SMM] [Win32/Fynloski.DY] [Trojan.Inject.AUZ] [Trojan.Inject.AUZ] [Trojan.Inject.AUZ] [Trojan.Inject.AUZ] [Troj/Backdr-ID] [Backdoor.Graybird] [Trojan.Fynloski.Win32.3191] [BackDoor.Comet.884] [Backdoor.A312A6AC9A8706CD] [Trojan.FakeMS] [Trojan.Win32.Fynloski] [Backdoor*Win32/Fynloski.A] [Backdoor.DarkKomet] [Trojan.Inject.AUZ] [Trojan.Inject.AUZ] [Trojan.Inject.AUZ] [Backdoor.Win32.DarkKomet.c] [Win32/Fynloski.AM] [WIN.Trojan.DarkKomet] [Backdoor.Win32.DarkKomet.aagt]
3d50fea841f8d8a687e5df89985d4c4a[Backdoor.0100@2FF0204@2F.mg] [Trojan.Inject.AUZ] [Win32/Fynloski.AA] [Backdoor.Graybird] [Trojan.Inject.AUZ] [Backdoor*Win32/Fynloski.A] [Trojan.Inject.AUZ] [Trojan.FakeMS] [Trojan.Win32.Fynloski] [Trojan.Inject.AUZ] [Trojan.Fynloski.Win32.3191] [Backdoor.Win32.DarkKomet.aagt] [BKDR_FYNLOS.SMM] [Troj/Backdr-ID] [Backdoor.DarkKomet] [Trojan.Inject.AUZ] [Trojan.Inject.AUZ] [WIN.Trojan.DarkKomet] [BackDoor.Comet.2020] [Trojan.Inject.AUZ] [Win32/Fynloski.DY]
79f06f81dae0a160a7c9f3f8776d5730[Backdoor.XTRat] [Backdoor.XRat!FZ2LfRjBIIQ] [Backdoor.DarkKomet.Win32.27485] [Troj/MSIL-ECI] [Backdoor/XRat.av] [Trojan[Backdoor]/Win32.XRat] [Trojan.Kazy.D94A48] [Backdoor/Win32.DarkKomet] [Backdoor.DarkKomet] [MSIL6.BWQM]
a8104056885951de34d9aa588fc201a4
18295c028113fca23250b7b6933b40ee[W32.GodatyLTAC.Trojan] [Trojan.Bladabindi.B3] [Trojan-FIGN] [MSIL.Backdoor.Bladabindi.a] [Backdoor.Ratenjay] [BKDR_BLADABI.SMC] [Win.Trojan.B-468] [Trojan-Spy.MSIL.KeyLogger.jld] [Trojan.Win32.DownLoader10.dbxzfj] [Backdoor.MSIL.Bladabindi!1.9E49] [Troj/MSIL-HX] [TrojWare.MSIL.Bladabindi.KX] [Trojan.Fsysna.3434] [Trojan.Bladabindi.Win32.14971] [BKDR_BLADABI.SMC] [BehavesLike.Win32.BackdoorNJRat.mm] [TrojanSpy.MSIL.jbm] [BDS/Bladabindi.blgr] [Trojan[Spy]/MSIL.KeyLogger.jld] [Win32.Troj.Undef.(kcloud)] [Backdoor:MSIL/Bladabindi.AJ] [Trojan/Win32.Bladabindi] [Trojan.MSIL.Disfa] [Trojan.Msil] [BackDoor.MSIL.L]
6b5f4bba46304472a4fbd1018596892d[Trojan.Bladabindi.B3] [MSIL.Backdoor.Bladabindi.a] [SAPE.Heur.18d9] [BKDR_BLADABI.SMC] [Win.Trojan.B-468] [Trojan.Win32.DownLoader10.ctopxm] [Backdoor.MSIL.Bladabindi!1.9E49] [Troj/MSIL-HX] [TrojWare.MSIL.Bladabindi.KX] [Trojan.DownLoader10.25731] [Trojan.Bladabindi.Win32.15180] [BKDR_BLADABI.SMC] [BehavesLike.Win32.BackdoorNJRat.mm] [Trojan/Refroso.dep] [Trojan[:HEUR]/Win32.Unknown] [Win32.Troj.Undef.(kcloud)] [Backdoor:MSIL/Bladabindi.AJ] [Trojan-FIGN] [Trojan.MSIL.Bladabindi] [PSW.ILUSpy]

Whois
PropertyValue
Email privacyprotect@hebeidomains.com
NameServer NS2.HASTYDNS.COM
Created 2013-09-28 00:00:00
Changed 2015-09-29 00:00:00
Expires 2016-09-28 00:00:00
Registrar HEBEI GUOJI MAOYI (S

DNS Resolutions
DateIP Address
2021-02-2869.162.80.60 (ClassC)
2023-12-01103.224.182.246 (ClassC)
2024-02-2295.211.189.138 (ClassC)
2024-06-0795.211.189.152 (ClassC)
2025-04-1595.211.189.151 (ClassC)
2025-05-2095.211.189.137 (ClassC)
2025-06-24192.198.80.150 (ClassC)
2025-08-03192.198.80.149 (ClassC)
2025-08-16192.198.80.148 (ClassC)
2025-11-24192.198.80.147 (ClassC)
2026-01-12172.98.192.45 (ClassC)
2026-02-08172.98.192.43 (ClassC)
2026-02-12172.98.192.44 (ClassC)

Subdomains
DateDomainIP
deniz1243.duckdns.com2015-08-2269.162.80.55
pezevenksikmedc.duckdns.com2025-05-07192.198.80.147
botangroupinc.duckdns.com2025-07-27192.198.80.150
sjokolade.duckdns.com2025-01-1795.211.189.152
bonsai.duckdns.com2025-04-1263.143.32.93
sansibarbackup.duckdns.com2025-04-1263.143.32.86
sunsay.duckdns.com2019-05-2869.162.80.58
View on OTX | View on ThreatMiner








Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]



� Copyright 2019 AlienVault, Inc. | Legal| Status| Do Not Sell My Personal Information