
Domain > cfud.biz

This indicator is referenced in AlienVault OTX pulse ""

Is this malicious?

Most users have voted this as MALICIOUS

Reports

https://otx.alienvault.com/pulse/561c07c367db8c47d...    
https://www.damballa.com/corebot-and-darknet/    

Files that talk to cfud.biz

MD5 A/V
f60c2ba5ec0d2af59afa43f785692b8e [HW32.Packed.611C] [Trojan.Win32.Rogue.drovzf] [Riskware.NoobyProtect!] [Win32.Trojan.Rogue.Eamu] [UnclassifiedMalware] [BehavesLike.Win32.Spyware.tc] [W32/Trojan.GCSJ-2955] [TR/Rogue.1805824.3] [Artemis!F60C2BA5EC0D] [Trj/Chgt.O] [PE:Malware.XPACK-LNR/Heur!1.5594] [PossibleThreat] [PSW.MSIL.ALYS] [Hacktool.Win32.NoobyProtect.Q]

Whois

Property Value
Name Ismir M Faruh
Organization Private Person
Email ismir.faruh@vfemail.net
Address Tahrir pl 18 apt 38b
Zip Code 16789
City Cairo
State Cairo
Country EG
Phone +40.1671687956
NameServer BRETT.NS.CLOUDFLARE.COM
Created 2014-11-10 17:54:07
Changed 2015-03-26 14:41:27
Expires 2015-11-09 23:59:59
Registrar PDR LTD. D/B/A PUBLI