Help RSS API Feed Maltego Contact                        

Domain > army.xxuz.com

This indicator is referenced in AlienVault OTX pulse ""

Is this malicious?
Most users have voted this as MALICIOUS

Reports
https://raw.githubusercontent.com/fireeye/pivy-rep...    
https://www.fireeye.com/resources/pdfs/fireeye-poi...    

Files that talk to army.xxuz.com
MD5A/V
77eeb2f71db29a897099ba1b618cf0d8
5f0bb4d702ed341cf4c3185d4c141110[W32.Clod1fb.Trojan.7ede] [Backdoor.Win32.Inject!O] [Backdoor.Inject.xiv] [Backdoor/Inject.xiv] [Downloader] [TROJ_BIND32.SMEP] [Win.Trojan.Inject-1466] [Backdoor.Win32.Inject.xiv] [Backdoor.Inject!VncjY+q36tI] [Backdoor.Win32.A.Inject.516608] [UnclassifiedMalware] [Trojan.KillProc.14742] [Backdoor/Inject.blf] [Trojan[Backdoor]/Win32.Inject] [Backdoor:Win32/Poison.E] [W32/Trojan.UEFX-7746] [Backdoor.Inject] [Backdoor.Win32.Inject.aqGm] [Backdoor.Win32.Inject] [Backdoor*Win32/Poison.E] [Dropper.p]
40FF8EB6AD4294B9A9B9868E9BA4D952
392F15C431C00F049BB1282847D8967F
090A6A5DA51AA84413E42B2C00E4521F

Whois
PropertyValue
NameNetwork OperationsZZZ, ChangeIP
Email noc@changeip.com
Address 1200 Brickell Avenue
Zip Code 33131
City Miami
State FL
Country US
Phone +1.8007913367
Fax +1.7862246593
NameServer NS3.CHANGEIP.ORG
Created 2001-03-30 02:00:00
Changed 2014-01-23 01:00:00
Expires 2015-03-30 00:00:00
Registrar NETWORK SOLUTIONS, L