Domain > dtl.dnsd.me

This indicator is referenced in AlienVault OTX pulse ""

Is this malicious?

Most users have voted this as MALICIOUS

Reports

http://sophosnews.files.wordpress.com/2013/07/soph...    
http://targetedthreats.net/media/2.2%20Extended%20...    
https://citizenlab.org/2013/08/surtr-malware-famil...    
https://citizenlab.org/wp-content/uploads/2012/07/...    
https://otx.alienvault.com/pulse/5543ca44b45ff52a6...    
https://otx.alienvault.com/pulse/55553e26b45ff5703...    
https://raw.githubusercontent.com/citizenlab/malwa...    
https://www.fireeye.com/resources/pdfs/fireeye-mal...    
https://www.mpi-sws.org/~stevens/pubs/sec14.pdf    
https://www.usenix.org/system/files/conference/use...    

Files that talk to dtl.dnsd.me

MD5 A/V
6f90f9cc76747e1f002618f17cc2d221 [Exploit-CVE2012-0158.f!rtf] [Exploit] [Trojan.Dropper] [Win32.Trojan] [Exploit.Win32.CVE-2012-0158.j] [Exploit.CVE2012-0158.16] [EXP/CVE-2012-0158.A.1334] [Exp/20120158-A] [Exploit:Win32/CVE-2012-0158.AX] [Trojan.Win32.A.EX-CVE-2012-0158.985817] [Exploit.MS04.CVE-2004-0210-2012-0158] [W32/20120158.A!exploit]

Whois

Property Value
Name WhoisGuard Protected
Organization WhoisGuard, Inc.
Email [email protected]
Address P.O. Box 0823-03411
Zip Code 00000
City Panama
State Panama
Country PA
Phone +507.8365503
NameServer dns102.registrar-servers.com
Created 2011-07-29 18:27:53
Changed 2014-12-12 05:42:35
Expires 2015-07-29 18:27:53
Registrar eNom Inc R32-ME (48)

DNS Resolutions

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others.