Help RSS API Feed Maltego Contact                        

Domain > autopatch.createandhost.com

More information on this domain is in AlienVault OTX

Is this malicious?

Reports
https://securelist.com/files/2014/11/darkhotelappe...    

Files that talk to autopatch.createandhost.com
MD5A/V
39fc4a3ea44ab9822ed5e77808803727[W32/Trojan.ZDZG-8205] [TR/Dldr.Garveep.B.78] [Trojan.DownLoad2.21151] [W32/Heuristic-119!Eldorado] [Win32/DH{Aw8MfH0gIiU}] [TrojanDownloader*Win32/Garveep.B] [Infostealer] [TROJ_MOTMOT.SMM]
9afebf48611371830c806c863da466a3
d07bbdfc9cc57c6a1ace87433cc2a9a3[TrojanDownloader*Win32/Garveep.B]
89de19ff50dd58eda2b136b65feb3fb0[Trojan/W32.Small.26624.DS] [TrojanAPT.Garveep.DL4] [Backdoor]
82ab0b8246c6677f9866b17794b72e2d[Trojan]
68ca3d3fc4901d1af8d3adc3170af6ad[TrojanAPT.Garveep.DW4] [Downloader-FANJ!68CA3D3FC490] [Backdoor]
03a611a8c2f84e26c7b089d3f1640687[Trojan.Refroso.bhep.n2] [Trojan.Botnetlog.2149] [W32/Bredolab.JYK!tr.bdr] [Virus.Win32.SuspectCRC] [TrojanDownloader*Win32/Garveep.B] [W32/AutoRun-BPO] [TROJ_GARVEEP.SM]

Whois
PropertyValue
Email [email protected]
NameServer PNS2.CLOUDNS.NET
Created 2013-04-23 00:00:00
Changed 2014-03-31 00:00:00
Expires 2015-04-23 00:00:00
Registrar DYNADOT, LLC

DNS Resolutions
DateIP Address
2013-04-01199.59.243.124 (ClassC)
2013-04-01184.168.221.68 (ClassC)
2013-04-01199.59.243.71 (ClassC)
2013-04-01199.59.241.181 (ClassC)
2013-05-26199.59.243.107 (ClassC)
2013-06-16199.59.243.105 (ClassC)
2013-07-2062.116.143.13 (ClassC)
2014-05-3191.230.195.150 (ClassC)
2014-06-06109.201.133.193 (ClassC)
2014-06-07109.201.133.169 (ClassC)
2014-11-21109.201.133.191 (ClassC)
2019-10-15206.189.61.126 (ClassC)
2024-11-10172.65.190.172 (ClassC)
2025-03-2734.205.242.146 (ClassC)
2025-04-1754.161.222.85 (ClassC)
2025-04-203.94.41.167 (ClassC)
2025-04-2552.71.57.184 (ClassC)
2025-05-123.18.7.81 (ClassC)
2025-05-213.19.116.195 (ClassC)
2025-07-2413.216.111.180 (ClassC)
2025-08-2213.223.25.84 (ClassC)
2025-08-2554.243.117.197 (ClassC)

Subdomains
DateDomainIP
bodis2.createandhost.com2014-06-1723.253.135.157
allegro78997.createandhost.com2014-06-09109.201.133.193
www.allegro78997.createandhost.com2013-04-01199.59.243.124
axicalaga.createandhost.com2025-07-0613.216.111.180
cidukope.createandhost.com2013-07-2362.116.143.14
blonze.createandhost.com2013-04-01184.168.221.68
autopatch.createandhost.com2013-04-01184.168.221.68
gurunichi.createandhost.com2013-04-01184.168.221.68
bwppxsoqzzooo.createandhost.com2025-07-0613.216.111.180
redblacksleep.createandhost.com2013-04-01209.51.196.248
allegrossls.createandhost.com2013-04-01199.59.241.181
autopsy.createandhost.com2013-08-10199.59.243.108
View on OTX | View on ThreatMiner








Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]



� Copyright 2019 AlienVault, Inc. | Legal| Status| Do Not Sell My Personal Information