Domain > 6i3cb6owitcouepv.spatopayforwin.com

More information on this domain is in AlienVault OTX

Is this malicious?

Most users have voted this as MALICIOUS

Reports

http://www.malware-traffic-analysis.net/2015/08/13...

https://otx.alienvault.com/pulse/55cdaee84637f20b6...

https://otx.alienvault.com/pulse/55d60cab4637f2685...

https://www.dshield.org/forums/diary/Actor using A...

Files that talk to 6i3cb6owitcouepv.spatopayforwin.com

MD5	A/V
974cdb0a90436ffa8af5007347dff76f	[HW32.Packed.5B09] [Artemis!974CDB0A9043] [Trojan.CryptoWall] [Win32/Filecoder.CO] [Trojan-Ransom.Win32.Cryptodef.xxi] [BehavesLike.Win32.BadFile.cc] [TR/Crypt.ZPACK.176446] [Trojan[Ransom]/Win32.Cryptodef] [W32/Cryptodef.CO!tr] [Trojan.Win32.Ransom.xxi]

Whois

Property	Value
Email	cormidapeto1982@mail.ru
NameServer	NS2.MNE.RU
Created	2015-07-25 00:00:00
Changed	2015-07-25 00:00:00
Expires	2016-07-25 00:00:00
Registrar	PDR LTD. D/B/A PUBLI

DNS Resolutions

Date	IP Address
2015-08-04	80.78.251.170 (ClassC)
2016-09-03	109.201.135.34 (ClassC)
2016-09-21	158.69.145.50 (ClassC)
2016-09-23	149.202.120.35 (ClassC)
2016-09-26	158.69.145.48 (ClassC)
2016-10-01	158.69.143.101 (ClassC)
2016-10-04	158.69.143.96 (ClassC)
2016-10-17	158.69.143.100 (ClassC)
2016-10-27	158.69.143.105 (ClassC)
2017-01-08	158.69.143.102 (ClassC)
2017-02-11	158.69.143.97 (ClassC)
2017-03-03	149.202.120.32 (ClassC)
2017-03-08	149.202.120.33 (ClassC)
2017-03-15	184.172.106.42 (ClassC)
2017-04-19	158.69.143.104 (ClassC)
2017-07-16	158.69.143.110 (ClassC)
2017-08-07	149.202.120.39 (ClassC)
2017-08-27	149.202.120.42 (ClassC)
2017-09-13	158.69.143.99 (ClassC)
2017-09-18	149.202.120.47 (ClassC)
2017-11-15	158.69.225.39 (ClassC)
2017-12-29	158.69.145.61 (ClassC)
2017-12-29	158.69.143.116 (ClassC)
2018-01-31	158.69.145.52 (ClassC)
2018-02-12	109.201.135.43 (ClassC)
2018-02-20	37.48.65.155 (ClassC)
2018-03-09	158.69.145.59 (ClassC)
2018-04-02	37.48.65.145 (ClassC)
2018-04-22	37.48.65.153 (ClassC)
2018-05-23	162.222.213.198 (ClassC)
2018-06-19	162.222.213.197 (ClassC)
2018-06-23	162.222.213.199 (ClassC)
2018-07-18	162.222.213.196 (ClassC)
2018-08-26	109.201.133.71 (ClassC)
2018-10-18	37.48.65.144 (ClassC)
2018-11-28	162.222.213.195 (ClassC)
2019-03-19	37.48.65.136 (ClassC)
2019-08-30	94.229.72.122 (ClassC)
2019-09-06	109.201.133.56 (ClassC)
2020-03-10	109.201.133.54 (ClassC)
2024-06-24	162.210.199.65 (ClassC)
2024-09-06	82.192.82.227 (ClassC)
2024-10-28	69.162.95.4 (ClassC)
2024-12-24	192.157.56.140 (ClassC)
2025-03-03	192.157.56.141 (ClassC)
2025-04-14	192.157.56.139 (ClassC)
2025-05-04	185.107.56.194 (ClassC)
2025-05-18	37.48.65.154 (ClassC)
2025-05-31	199.115.116.216 (ClassC)
2025-08-04	74.63.241.25 (ClassC)
2025-08-07	162.210.196.166 (ClassC)
2025-08-10	207.244.65.58 (ClassC)

Port 443

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]