Domain > file4.qqhelper.com

More information on this domain is in AlienVault OTX

Files that talk to file4.qqhelper.com

MD5	A/V
bec85b43408d81d0ba0e1e716576c693	[Win32/DH{WBIgJCIlV05k}] [Trojan.Downloader-24749]
2f50c991fae280af5a89fd62baae7e89	[BackDoor-CVM.dldr] [Trojan.Downloader-24749] [Win32/DH{WBIgJCIlV05k}] [TrojanDownloader*Win32/QQHelper.KA]
e683b01a2dda1487813f447ae38b9ad2	[Trojan.Downloader-24749]

Whois

Property	Value
Email	s3xl00ux@enamewhois.com
NameServer	NS2.4.CN
Created	2013-11-06 00:00:00
Changed	2015-09-21 00:00:00
Expires	2016-11-06 00:00:00
Registrar	ENAME TECHNOLOGY CO.

DNS Resolutions

Date	IP Address
2013-04-01	141.8.226.2 (ClassC)
2015-05-10	124.16.31.143 (ClassC)
2021-08-17	67.21.93.235 (ClassC)
2021-09-22	67.21.93.238 (ClassC)
2023-12-23	67.21.93.236 (ClassC)
2024-02-15	107.167.27.86 (ClassC)
2024-03-27	67.21.93.233 (ClassC)
2024-09-06	208.98.40.15 (ClassC)
2024-10-04	208.98.40.78 (ClassC)
2026-01-10	38.33.45.74 (ClassC)

Port 80

HTTP/1.1 200 OKServer: nginxDate: Sat, 23 Dec 2023 01:51:47 GMTContent-Type: text/html; charsetUTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingX-Powered-By: PHP/7.2.34

html>    head>        title>qqhelper.com - The domain is available for purchase/title>meta nameviewport contentwidthdevice-width, initial-scale1.0, minimum-scale1.0, maximum-scale1.0, user-scalableno/>script srchttp://libs.baidu.com/jquery/1.9.0/jquery.js>/script>script>$(document).ready(function(){if(window.screen.height700){$(*).css({width:auto,height:auto,background-image:none,position:static});$(p).css(color,black);$(.stencil-tip).css(line-height,30px);}});/script>        style typetext/css>BODY {	FONT-SIZE: 12px; MARGIN: 18px 0px 0px; COLOR: #424242; BACKGROUND-COLOR: #fff; TEXT-ALIGN: center}TD {	FONT-FAMILY: Arial}P {	FONT-FAMILY: Arial}DIV {	FONT-FAMILY: Arial}INPUT {	FONT-FAMILY: Arial}IMG {	BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px}TD {	FONT-SIZE: 12px; LINE-HEIGHT: 150%}TH {	FONT-SIZE: 12px; LINE-HEIGHT: 150%}#f {	MARGIN: 0px; PADDING-TOP: 4px}#B {	WIDTH: 800px}.header {	BORDER-BOTTOM: #b2d0ea 1px solid; HEIGHT: 13px}.header .l {	FLOAT: left}.header .r {	FLOAT: right}.word {	MARGIN-TOP: 38px;	FONT-WEIGHT: bold;	FONT-SIZE: 20px;	COLOR: #58677d;	TEXT-INDENT: 20px;	TEXT-ALIGN: left;	margin-bottom: 30px;}.word123 {	MARGIN-TOP: 38px;	FONT-WEIGHT: normal;	FONT-SIZE: 12px;	COLOR: #00005B;	TEXT-INDENT: 20px;	TEXT-ALIGN: left;	margin-bottom: 30px;}.conter {	PADDING-RIGHT: 20px; MARGIN-TOP: 15px; PADDING-LEFT: 20px; BACKGROUND: url(http://www.4.cn/www/layout/4/backimg.jpg) no-repeat 0px bottom; PADDING-BOTTOM: 0px; PADDING-TOP: 0px}.down {	BORDER-RIGHT: #b5cfe8 1px solid; BORDER-TOP: #b5cfe8 1px solid; FONT-WEIGHT: bold; BORDER-LEFT: #b5cfe8 1px solid; WIDTH: 345px; COLOR: #808080; BORDER-BOTTOM: #b5cfe8 1px solid; FONT-FAMILY: Verdana,Arial; HEIGHT: 156px; BACKGROUND-COLOR: #e7f5ff}.toolr {	MARGIN: 0px 0px 40px 10px; WIDTH: 200px; TEXT-ALIGN: left}.fs_14 {	FONT-SIZE: 14px; COLOR: #333333}.title1 {	BACKGROUND: url() no-repeat 0px bottom; MARGIN-BOTTOM: 25px; FONT: bold 14px/24px Arial, sans-serif; WIDTH: 400px; COLOR: #333333}.title2 {	BACKGROUND: url() no-repeat 0px bottom; MARGIN

Subdomains

Date	Domain	IP
file2.qqhelper.com	2023-12-22	67.21.93.236
file3.qqhelper.com	2024-01-04	67.21.93.236
file4.qqhelper.com	2023-12-23	67.21.93.236
file.qqhelper.com	2023-07-17	64.32.28.231
www.qqhelper.com	2019-06-30	104.160.171.86

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]