Help RSS API Feed Maltego Contact

Domain > ze.am

More information on this domain is in AlienVault OTX

Is this malicious?

Most users have voted this as MALICIOUS

Files that talk to ze.am

MD5	A/V
6dcd56772d568f3c650b99b0ea5380b4
61c3b3e0772876226ded72e2ac344a18	[BackDoor-FBVR!61C3B3E07728] [Trojan.Cap1442920.dapb] [Win32/Delf.AJG] [BackDoor.Delf.19.Q] [Backdoor.Bezigate] [W32/Boht.AAR!tr] [Backdoor*Win32/Bezigate.B] [Backdoor.Bozok] [W32/Backdoor.LNCY-8142] [Trojan.Win32.Boht.akq] [Trojan.Boht] [Trojan.DownLoad3.35495] [Win32/Tnega.bfTaFFB]
4ca933ad6652680c1e0184425e665cc0	[Trojan.Win32.Writos.rdp] [Trojan.Win32.Writos.rdp] [TrojanWin32/Bagsu!rfn] [W32/Delf.AAV!tr] [TrojanWin32/Bagsu!rfn] [Win32/Delf.AAV] [Win32/Delf.AAV] [W32/Delf.AAV!tr] [VB2.AECS] [W32/Backdoor.JRVN-0502] [Win32/Tnega.bfTaFFB] [Win32/Tnega.bfTaFFB] [W32/Backdoor.JRVN-0502] [Trojan.Bagsu.r3] [Trojan.Bagsu.r3] [VB2.AECS] [Trojan.Click3.7576] [Trojan.Click3.7576]
1a7193dc7c407d168a7382bd643e9b80	[BackDoor-FBVR!1A7193DC7C40] [Trojan.Cap1442920.dapb] [Win32/Delf.AJG] [BackDoor.Delf.19.Q] [Backdoor.Bezigate] [W32/Boht.AAR!tr] [Backdoor*Win32/Bezigate!rfn] [Backdoor.Bozok] [W32/Backdoor.JLFQ-6780] [Trojan.Win32.Boht.akq] [Trojan.Boht.08293] [Trojan.Boht] [Trojan.DownLoad3.35495] [Win32/Tnega.bfTaFFB]
5156cff80ae4629b8c92f0d036d92cfb	[Backdoor.ADAD@240FF53#00.mg] [Win32/ServStart.AD] [Downloader] [W32/ServStart.AS!tr] [TrojanDownloader*Win32/Yemrok.A] [W32/Trojan.JGMW-6691] [Backdoor.Win32.PcClient] [DDoS.Nitol.09339] [Trojan.DownLoader4.49535]
aabc867d91aecc998bbbe0ab8a1f36cf	[0x590524c6] [Trojan.DownLoader10.22140] [Trojan.Win32.ServStart] [W32/Threat-HLLIE-based!Maximus] [W32/Threat-HLLIE-based!Maximus] [Trojan.ServStart] [DDoS*Win32/Nitol.A] [Win32/ServStart.AD]
7932800dae7ce9b0833c12157c7dd079	[Trojan.Win32.ServStart] [DDoS*Win32/Nitol.A] [W32/ServStart.AD!tr] [Trojan.ServStart] [Trojan.DownLoader10.22140] [W32/Threat-HLLIE-based!Maximus] [Trojan.Win32.ServStart.wvr] [Win32/ServStart.AD] [W32/Threat-HLLIE-based!Maximus]

Whois

Property	Value
Organization	hyon jin park
Email	pkquell@gmail.com
Address	Jung2(i)-dongYeonhwamaeulApt.,
Zip Code	Gyeonggi-do
City	Wonmi-gu
State	Bucheon-si
Country	KR
NameServer	ns2.dnsze.com
Created	2013-05-14 00:00:00
Changed	2016-02-23 00:00:00
Expires	2017-05-14 00:00:00
Registrar	abcdomain (ABCDomain

DNS Resolutions

Date	IP Address
2014-04-26	112.175.184.91 (ClassC)
2014-05-23	1.251.42.7 (ClassC)
2014-07-15	175.126.167.131 (ClassC)
2016-01-08	52.69.134.38 (ClassC)
2025-04-06	139.99.89.153 (ClassC)
2025-05-31	172.104.112.214 (ClassC)

Subdomains

Date	Domain	IP
ip.test119.ze.am	2024-11-03	255.255.255.0
xn--hg3bp4py9ak62a.ze.am	2025-05-13	139.99.89.153
xn--1-9n2fg50at1gca874bda.ze.am	2025-01-19	139.99.89.153
201580ag.ze.am	2023-12-29	182.31.238.61
bozok.ze.am	2016-08-21	116.127.163.71
xn--2-c64fs1rhzm.ze.am	2024-09-13	139.99.89.153
woobin.ze.am	2017-02-16	52.196.132.126
start.cacao.ze.am	2025-05-04	191.233.32.157
nbeso.ze.am	2015-05-04	182.229.13.88
liveontv.ze.am	2025-03-31	172.104.112.214

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

� Copyright 2019 AlienVault, Inc. | Legal| Status| Do Not Sell My Personal Information