Malware Domain List

WARNING: All domains on this website should be considered dangerous. If you do
not know what you are doing here, it is recommended you leave right away. This
website is a resource for security professionals and enthusiasts.

Page 0 ... 279 280 281 ... 1814

Date (UTC)	Domain	IP	Reverse Lookup	Description	ASN
⇑ ⇓	⇑ ⇓	⇑ ⇓	⇑ ⇓	⇑ ⇓	⇑ ⇓
2011/12/04_18:36	sdelaem-pro.in/main.php?page=aeb8ca92008321ee	194.219.29.152	-	Blackhole exploit kit	1241
2011/12/04_18:36	sdelaem-pro.in/w.php?f=22&e=2	194.219.29.152	-	trojan	1241
2011/12/04_18:25	vrologicstore.com/zeusnew/config.bin	173.193.5.38	173.193.5.38-static.reverse.softlayer.com.	zeus v2 config file	36351
2011/12/04_18:25	vrologicstore.com/zeusnew/bot.exe	173.193.5.38	173.193.5.38-static.reverse.softlayer.com.	zeus v2 trojan	36351
2011/12/04_18:25	vrologicstore.com/zeusnew/gate.php	173.193.5.38	173.193.5.38-static.reverse.softlayer.com.	zeus v2 drop zone	36351
2011/12/04_14:13	www.hlrxj.com/hmm/config.bin	72.26.221.227	227.224/27.221.26.72.in-addr.arpa.	zeus v2 config file	29791
2011/12/04_14:13	www.hlrxj.com/hmm/bot.exe	72.26.221.227	227.224/27.221.26.72.in-addr.arpa.	zeus v2 trojan	29791
2011/12/04_14:13	www.hlrxj.com/hmm/gate.php	72.26.221.227	227.224/27.221.26.72.in-addr.arpa.	zeus v2 drop zone	29791
2011/12/04_13:55	adunryka.hotmail.ru/profi.bin	194.186.88.58	ftp.hotmail.ru.	zeus v2 config file	3216
2011/12/04_13:55	companian-usa.ru/spys/serv/forum/incom/update.msi	66.166.185.2	h-66-166-185-2.dllatx37.static.covad.net.	zeus v2 config file	18566
2011/12/04_13:55	igonet.it/img/all/imagini.jpg	91.214.72.38	websrv1.rpengineering.it.	zeus v2 config file	49360
2011/12/04_13:55	igonet.it/img/all/imagini.jpeg	91.214.72.38	websrv1.rpengineering.it.	zeus v2 trojan	49360
2011/12/04_13:55	igonet.it/img/all/img.php	91.214.72.38	websrv1.rpengineering.it.	zeus v2 drop zone	49360
2011/12/04_13:55	iopyte.bget.ru/lol/pok.bin	81.222.215.236	mailgermes.beget.ru.	zeus v2 config file	20597
2011/12/04_13:55	iopyte.bget.ru/lol/loe.php	81.222.215.236	mailgermes.beget.ru.	zeus v2 drop zone	20597
2011/12/04_13:55	kickthefuture.com/sysdir_xyu_pizda_jigurda/image005.jpg	188.190.98.211	ip-188-190-98-211.hosted-in.infiumhost.com.	zeus v2 config file	197145
2011/12/04_13:55	kickthefuture.com/sysdir_xyu_pizda_jigurda/gw_x534.php	188.190.98.211	ip-188-190-98-211.hosted-in.infiumhost.com.	zeus v2 drop zone	197145
2011/12/04_13:55	muzicxxxstars.com/mini.png	58.128.228.1	-	zeus v2 config file	4808
2011/12/04_13:55	muzicxxxstars.com/vdfsbvsheg/1241qr.exe	58.128.228.1	-	zeus v2 trojan	4808
2011/12/04_13:55	muzicxxxstars.com/sjdkfhiuehfoiejqwjdf.php	58.128.228.1	-	zeus v2 drop zone	4808
2011/12/04_13:55	reallywanttok.com/iza/che.la	60.19.30.135	-	zeus v2 config file	4837
2011/12/04_13:55	reallywanttok.com/iza/who.exe	217.24.246.7	mx2.atnet.com.al.	zeus v2 trojan	42313
2011/12/04_13:55	atlantatoagofs.ru/che/dwefp.php	46.180.70.139	-	zeus v2 drop zone	39927
2011/12/04_13:55	winner-bets.ru/spys/serv/forum/incom/update.msi	66.166.185.2	h-66-166-185-2.dllatx37.static.covad.net.	zeus v2 config file	18566
2011/12/04_13:55	winner-bets.ru/spys/serv/forum/incom/update.exe	66.166.185.2	h-66-166-185-2.dllatx37.static.covad.net.	zeus v2 trojan	18566
2011/12/04_13:55	winner-bets.ru/spys/message.php	66.166.185.2	h-66-166-185-2.dllatx37.static.covad.net.	zeus v2 drop zone	18566
2011/12/04_13:55	www.fordsupermodeloftheworld.it/media/auico.bin	62.149.140.230	webx220.aruba.it.	zeus v2 config file	31034
2011/12/04_13:55	www.omniaimmobiliare.com/immagini/gg.php	62.149.140.23	webx13.aruba.it.	zeus v2 drop zone	31034
2011/12/04_13:55	www.snoozpay.com/zee/cfg.bin	188.72.202.198	hosting1-de.santrex.net.	zeus v1 config file	28753
2011/12/04_13:55	www.snoozpay.com/zee/bt.exe	188.72.202.198	hosting1-de.santrex.net.	zeus v1 trojan	28753
2011/12/04_13:55	www.snoozpay.com/zee/gate.php	188.72.202.198	hosting1-de.santrex.net.	zeus v1 drop zone	28753
2011/12/04_13:43	morschgeburt.com/main.php?page=1c1417ece4e869ea	87.255.73.19	-	Blackhole exploit kit	15836
2011/12/04_13:43	morschgeburt.com/w.php?f=18&e=2	87.255.73.19	-	trojan	15836
2011/12/04_13:43	gemapayment.net/gibmirgeld_de/index.php	87.255.73.19	-	ransom message	15836
2011/12/04_13:43	gemagate.net/connect/gate.php?hwid=3343242265&pc=SANDBOXA&localip=10.0.1.74&winver=Windows%20XP%20Professional%20x32	87.255.73.19	-	malware calls home	15836
2011/12/04_03:00	remix.to/applet.exe	199.58.187.54	-	Trojan	46562
2011/12/04_02:47	fadfadg.osa.pl/showthread.php?t=46340270	91.208.142.55	-	Blackhole exploit	20616
2011/12/04_02:47	otakpim.com	173.236.165.61	apache2-daisy.managua.dreamhost.com.	Leads to Blackhole exploit	26347
2011/12/03_23:49	advstats.org/in.cgi?20	95.168.163.152	95-168-163-152.local.	Leads to Blackhole exploit	28753
2011/12/03_23:49	rexstats.com/in.cgi?20	95.168.163.152	95-168-163-152.local.	Leads to Blackhole exploit	28753
2011/12/03_23:49	gxstat.com/in.cgi?20	95.168.163.152	95-168-163-152.local.	Leads to Blackhole exploit	28753
2011/12/03_23:49	gxstats.in/in.cgi?20	95.168.163.152	95-168-163-152.local.	Leads to Blackhole exploit	28753
2011/12/03_23:49	seman5.info/in.cgi?20	95.168.163.152	95-168-163-152.local.	Leads to Blackhole exploit	28753
2011/12/03_23:46	gentan3.net/in.cgi?20	95.168.163.152	95-168-163-152.local.	Leads to Blackhole exploit	28753
2011/12/03_17:24	avivitnir.byethost7.com/install/setup10.exe	209.190.24.9	9.18.be.static.xlhost.com.	trojan	10297
2011/12/03_16:57	cvrv.net/in.cgi?20	95.168.163.154	95-168-163-154.local.	Leads to Blackhole exploit	28753
2011/12/03_16:45	test.vgottalent.com/index.php?page=0ed7676a254f5fec	178.18.249.5	-	Blackhole exploit	31147
2011/12/03_16:45	test.vgottalent.com/content/g43kb6j34kblq6jh34kb6j3kl4.jar	178.18.249.5	-	Blackhole exploit	31147
2011/12/03_16:45	test.vgottalent.com/content/v1.jar	178.18.249.5	-	Blackhole exploit	31147
2011/12/03_16:45	test.vgottalent.com/getJavaInfo.jar	178.18.249.5	-	Blackhole exploit	31147

Page 0 ... 279 280 281 ... 1814

You can find an overview of downloadable lists here

Search:			Results to return:		Include inactive sites