
Domain > t2.mailsecurityservice.com

More information on this domain is in AlienVault OTX

Is this malicious?

Most users have voted this as MALICIOUS

Reports

https://citizenlab.org/2015/10/targeted-attacks-ng...    
https://otx.alienvault.com/pulse/5621208f4637f21ec...    

Files that talk to t2.mailsecurityservice.com

MD5  A/V
49748f2de108dc693fe938ab7e2c494a  [Trojan/Refroso.bznz] [Trojan.Korplug!lV5K+IdbTcc] [WS.Reputation.1] [Backdoor.Win32.Zegost.msvsa] [Artemis] [W32/Trojan.KFPO-0708] [W32/ZEGOST.FW!tr.bdr] [Artemis!56F0E67D9810] [Trj/CI.A] [Win32.Backdoor.Zegost.Pdwe] [Trojan.Win32.Korplug] [Backdoor.Win32.Zegost.msvsa] [Win32/Trojan.c0f]
15c926d2602f65be0de65fa9c06aa6c6  [TrojanAPT.Plugx.LA4] [Trojan.Korplug!DhL6m/waTYI] [Backdoor.Korplug] [Backdoor.Win32.Zegost.aivq] [Trojan.Win32.Korplug.dilgoa] [Backdoor.Win32.A.Zegost.254865[h]] [Virus.Win32.Heur.l] [UnclassifiedMalware] [Trojan.DownLoader15.3923] [W32/Trojan.PHSP-0637] [TR/Korplug.7168.2] [W32/Korplug.CY!tr] [Trojan.Graftor.D2839C] [Trojan:Win32/Skeeyah.A!rfn] [Trj/CI.A] [Trojan.Win32.Korplug] [Backdoor.Win32.Zegost.aivq]
0118b883da6b6b10e0298ec1c5f1a4b9  [TrojanAPT.Plugx.B4] [Trojan.Korplug.Win32.307] [Trojan/Refroso.bznz] [Trojan.Win32.Korplug.dqxclr] [Backdoor.Win32.Gulpix.afn] [Backdoor.Gulpix!meoTYsuOOns] [Troj/Plugx-AP] [BehavesLike.Win32.Downloader.dc] [TR/Korplug.4768] [Trojan[Backdoor]/Win32.Gulpix] [Trojan:Win32/Sidelod.A!dha] [Trojan.Win32.Korplug] [W32/Gulpix.AFN!tr.bdr] [Trj/CI.A]
218424312c2811a9a9e77624343babd9  [TrojanAPT.Plugx.B4] [Artemis!218424312C28] [Trojan/Refroso.bznz] [Trojan]

Whois

Property Value
NameServer NS78.DOMAINCONTROL.COM
Created 2013-08-23 00:00:00
Changed 2015-05-18 00:00:00
Expires 2017-08-23 00:00:00
Registrar GODADDY.COM, LLC

DNS Resolutions


Subdomains

Domain  Date  IP
t1.mailsecurityservice.com  2024-07-03  153.234.52.138
t2.mailsecurityservice.com  2015-03-23  103.20.222.244
client.mailsecurityservice.com  2024-07-03  153.234.52.138

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others.



© Copyright 2019 AlienVault, Inc.