Help RSS API Feed Maltego Contact

Domain > wmi.ns01.us

This indicator is referenced in AlienVault OTX pulse ""

Is this malicious?

Most users have voted this as MALICIOUS

Reports

https://www.fireeye.com/blog/threat-research/2014/...

Files that talk to wmi.ns01.us

MD5	A/V
CD07A9E49B1F909E1BD9E39A7A6E56B4
88b375e3b5c50a3e6c881bc96c926928	[Backdoor.Win32.Poison!O] [Backdoor.Poison.r3] [Backdoor.Poison.Win32.56703] [Backdoor/Poison.dnfc] [Backdoor.Darkmoon] [BKDR_POISON.TUEH] [Backdoor.Win32.Poison.dnfc] [Trojan.Win32.Poison.tsoen] [Backdoor.W32.Poison.dnfc!c] [Win32.Backdoor.Poison.Ecud] [UnclassifiedMalware] [BackDoor.Poison.11982] [BKDR_POISON.TUEH] [Artemis!Trojan] [Backdoor/Poison.uuw] [BDS/Poison.E.1181] [Backdoor:Win32/Poison.E] [Backdoor.Win32.A.Poison.40960.AZ[h]] [Trojan/Win32.Poison] [Artemis!88B375E3B5C5] [Backdoor.Win32.Hupigon.dguz] [Backdoor.Poison!kpBeXDJuDJ4] [Virus.Win32.Poison.DE] [W32/Poison.DNFC!tr.bdr] [Trojan.Win32.Poison.cc] [Win32/Backdoor.169]

Whois

Property	Value
Name	ChangeIP.com
Organization	ChangeIP.com
Email	[email protected]
Zip Code	33131
City	Miami
State	FL
Country	US
Phone	+1.8007913367
Fax	+1.7862246593
NameServer	NS2.CHANGEIP.ORG
Created	2002-04-24 19:27:24
Changed	2013-04-23 21:08:29
Expires	2015-04-24 01:59:59
Registrar	NETWORK SOLUTIONS IN

DNS Resolutions

Date	IP Address
2013-04-01	192.74.246.91 (ClassC)
2019-03-08	31.13.65.18 (ClassC)
2019-03-08	205.186.152.122 (ClassC)
2025-08-23	0.0.0.0 (ClassC)

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

� Copyright 2019 AlienVault, Inc. | Legal| Status| Do Not Sell My Personal Information