Domain > alimama.cn

More information on this domain is in AlienVault OTX

Is this malicious?

Reports

http://www.trendmicro.nl/media/misc/africa-new-saf...

https://otx.alienvault.com/pulse/56c6e16467db8c125...

Files that talk to alimama.cn

MD5	A/V
ac4eab937086b06438683606ff2ca671	[Win32/Iyeclore.H] [Trojan.Win32.Iyeclore] [Trojan-Ransom.Win32.Cidox.aadi] [Backdoor-AWQ!AC4EAB937086] [winpe/Iyeclore.B] [Hoax.Cidox] [Trojan.Cidox.Win32.5161]
d592c854de438ca7e365e938eeec216f	[W32/Trojan.RXGN-6191] [BDS/Ieyclore.EG] [Win32/Iyeclore.H] [W32/BDoor.FAKJ!tr.bdr] [Delf.YVA] [Trojan.Win32.Iyeclore] [Backdoor-AWQ!D592C854DE43] [Trojan*Win32/Dynamer!dtc] [winpe/Iyeclore.B]
a75ce0f170fb7f0311469fdbb4913e32	[Artemis!A75CE0F170FB] [PUP.Optional.OpenCandy] [Riskware.OpenCandy!] [PE:PUF.OpenCandy!1.9DE5] [OpenCandy] [Adware.Downware.3115] [Win32/JoyDownloader.A] [Sevas.204]
711ED43CE2417BE3BF49CE6CB298606F
4865f0ecbf918efdce432b38041e855e
4bebfb11c158e326b13f5d9790b19296	[W32.AcLuC.PE] [Win32.Almanahe.D] [Virus/W32.Alman.B] [Virus.Win32.Almanahe.2!O] [W32.Almanahe.B] [W32/Almanahe.c] [Win32.Alman.B] [W32/Alman.C] [W32.Almanahe.B!inf] [Alman.B] [Win32/Almanahe.F!x386] [PE_CORELINK.C-1] [Win32:Alman] [W32.Alman-4] [Virus.Win32.Alman.b] [Virus.Win32.Alman.xyevp] [PE:Worm.Magistr.g!497223] [Virus.Win32.Alman.A] [Win32.Alman.1] [Virus.Alman.Win32.2] [W32/Almanahe.B] [W32/Alman-C] [Win32/Almana.c] [Virus/Win32.Alman.b] [Worm.DLan.c.79872] [Virus:Win32/Almanahe.B] [Win32/Alman.C] [Virus.Win32.Alman.B] [W32/Almanahe.C] [Win32/Alman.NAB] [Virus.Win32.Magister.a] [Virus.Win32.Almanahe] [W32/Alman.DB] [Win32/Alman] [Virus.Win32.Alman.$NAB] [Virus.Win32.Alman.C]
637868b6133f5bb2f5335c311e939786	[TR/Delf.OFP.78] [BackDoor.Pigeon1.7955] [Backdoor-AWQ!637868B6133F] [winpe/Iyeclore.B]
A7D18DCA8F33B3C7CA2B8B2224EC00BC
662af778f529021cabf07e37145e5fcc	[HW32.Pedka.emku] [Artemis!662AF778F529] [W32/NewMalware-LSU-based!Maximu]
af4c3a9cee1422f1798ec93e0d63622b	[Artemis!AF4C3A9CEE14] [Win32.Adware.Malplayer.Odur]
816183dff1d9150484145553940b2d78	[APT1.A]
e8baa9d588fd4969d194eb14f3490d27	[W32.WasamalaX.Trojan] [Trojan-Dropper.Win32.Injector!O] [Trojan.Orsam.A5] [Trojan-FBJW!E8BAA9D588FD] [Trojan.Downloader] [Trojan.Llac.Win32.38707] [Trojan.Win32.KillProc.bfqtoc] [TrojanDownloader.D] [Win32/EXEEmbedded.HORAMQD] [Trojan-Dropper.Win32.Injector.hxbu] [Trojan.DR.Injector!+LoCaqxpzbs] [Trojan.KillProc.21800] [TR/Graftor.65786] [TrojanDropper.Injector.bmmj] [Trojan[Dropper]/Win32.Injector] [Win32.Troj.Undef.(kcloud)] [Trojan:Win32/Sisproc] [Dropper/Win32.Injector] [W32/Trojan.NXES-2340] [TrojanDropper.Injector] [Trojan.Win32.Injector.al] [Adware.Win32.Dropper]
577ffdb2fa9b829756cde8f591ece04a	[Artemis!577FFDB2FA9B] [APT1.A] [Trojan.Patched.Win32.37527]
c0e13eb1c1ee22909675523ab79a67e7	[Trojan.Downloader-131535] [Trojan-Downloader.Win32.NSIS]
2e5fbabef38e8f3acd93165495a50f4f	[W32/Bancos.CUVU-2332] [TR/Redosdru.E.201] [Win32/Banker.ZABS] [Backdoor.ZZSlash.g5] [Win32/Redosdru.JA] [W32/ZZSlash.EEG!tr.bdr] [W32/Bancos.AMFI] [Trojan*Win32/Redosdru.E] [Backdoor.ZZSlash]
ce4072f568af78acb25d769df6d403b4	[W32/Backdoor.RLIO-0662] [W32/ArchSMS.A!tr.bdr] [Backdoor-AWQ!CE4072F568AF] [Trojan.PSW.QQPass!4D88] [Mal/ArchSMS-A]
90C323E4D322DBBC8A09209C1BF6A0EE
05408163ab521e185ed881a90d1d56a8
005a740f70830007a837f3cb0af6ab01	[W32.AcLuC.PE] [Win32.Almanahe.D] [Virus/W32.Alman.B] [Virus.Win32.Almanahe.2!O] [W32.Almanahe.B] [W32/Almanahe.c] [Virus.Win32.Alman.xyevp] [W32/Alman.C] [W32.Almanahe.B!inf] [Alman.D] [Win32/Almanahe.F!x386] [PE_CORELINK.C-1] [Win32:Alman] [W32.Alman-4] [Virus.Win32.Alman.b] [Win32.Alman.B] [PE:Worm.Magistr.g!497223] [Virus.Win32.Alman.A] [Win32.Alman.1] [Virus.Alman.Win32.2] [W32/Alman.BB] [Heuristic.BehavesLike.Win32.Suspicious-BAY.K] [W32/Alman-C] [Win32/Almana.c] [Virus/Win32.Alman.b] [Worm.DLan.c.79872] [Virus:Win32/Almanahe.B] [Win32/Alman.C] [Virus.Win32.Alman.B] [W32/Almanahe.C] [Win32/Alman.NAB] [Virus.Win32.Magister.a] [Virus.Win32.Almanahe] [W32/Alman.DB] [Win32/Alman] [Virus.Win32.Alman.$NAB] [Virus.Win32.Alman.C]
45a60cb941aa5fa1fc16f9a6283c3951	[W32.HfsIframe.1d28]

Whois

Property	Value
Organization	Alibaba Group Services Limited
Email	dnsadmin@hk.alibaba-inc.com
NameServer	ns5.taobao.com