Help RSS API Feed Maltego Contact                        

Domain > buyfuntees.com

Welcome! Right click nodes and scroll the mouse to navigate the graph.
More information on this domain is in AlienVault OTX

Is this malicious?

Reports
http://pastebin.com/nHK8bKNF    
https://otx.alienvault.com/pulse/56e6c78267db8c408...    

Files that talk to buyfuntees.com
MD5A/V
2ff807c3bc0586bd1f24e8939499045e[HEUR.JS.Trojan.b] [Win32.Trojan.Raas.Auto]
ab59ef4369ce9fce9d906f8e34f1dc73
bc5c7011f687446240972540f86696c8[HEUR.JS.Trojan.b] [trojan.js.downloader.1]
b555c7142b61a029b7aca65e170a326f[HEUR.JS.Trojan.b] [trojan.js.downloader.1]
bd597d87a56e0ef64d3fb8489b79a87a
c187ee412689f61f6c626548e15dcf83[HEUR.JS.Trojan.b] [Win32.Trojan.Raas.Auto] [trojan.js.downloader.1]
12f7062c0361539215b1da40f2031d37[Win32.Trojan.Raas.Auto] [HEUR.JS.Trojan.b] [trojan.js.downloader.1]
4d62b64325309069d19332ee8419eeab[JS_NEMUCOD.CX] [JS_NEMUCOD.CX] [HEUR.JS.Trojan.b] [JS/TrojanDownloader.Nemucod.IT] [trojan.js.downloader.1]
6402fb05c9705c2a4087534bf8731446[JS/TrojanDownloader.Nemucod.IT] [Win32.Trojan.Raas.Auto] [Trojan-Downloader:JS/Locky.D] [Downloader.GSUV] [HEUR.JS.Trojan.b] [trojan.js.downloader.1]
e9bbb3d743981c0d5abd0bc419ac2d61[Trojan-Downloader:JS/Locky.D] [HEUR.JS.Trojan.b] [JS/TrojanDownloader.Nemucod.IT] [trojan.js.downloader.1]
4207a1d709df4e92edfdc0f2af5fb3d3[HEUR.JS.Trojan.b] [Win32.Trojan.Raas.Auto] [trojan.js.downloader.1]
7ea11343d82acb34ce2adeda3672b279[JS/TrojanDownloader.Nemucod.IT] [HEUR.JS.Trojan.b] [Win32.Trojan.Raas.Auto] [trojan.js.downloader.1]
4260b28a45a673ac59191654489cf0f4[HEUR.JS.Trojan.b] [Win32.Trojan.Raas.Auto] [trojan.js.downloader.1]
2f6458afd88a5c57cf2d842065c6c18f[HEUR.JS.Trojan.b] [trojan.js.downloader.1]
92e6141fa56a5f79f721e10f98bc474d[JS/Nemucod.dt] [JS/TrojanDownloader.Nemucod.IT] [JS_LOCKY.AE] [JS/DwnLdr-NGL] [Trojan-Downloader:JS/Dridex.W] [JS_LOCKY.AE] [JS/Nemucod.dt] [JS/Locky.D!Camelot] [JS/Nemucod.IT!tr.dldr] [HEUR.JS.Trojan.b] [TrojanDownloader:JS/Swabfex.P] [Win32.Trojan.Raas.Auto] [Trojan-Downloader.JS.Nemucod] [trojan.js.downloader.1]
b89d32c2a21ee98ff51252319da332fb

Whois
PropertyValue
Email TIM@PRINT-N-TEES.COM
NameServer NS2.SITE-HOST.COM
Created 2015-11-17 00:00:00
Changed 2015-12-11 00:00:00
Expires 2016-11-17 00:00:00
Registrar ENOM, INC.