Domain > iwear.md

More information on this domain is in AlienVault OTX

Is this malicious?

Reports

http://ransomwaretracker.abuse.ch/feeds/csv/

https://otx.alienvault.com/pulse/56e85de34637f24cb...

https://ransomwaretracker.abuse.ch/downloads/RW_UR...

Files that talk to iwear.md

MD5	A/V
f19ff73b5eabad8a007f068e40c7233f	[HEUR.JS.Trojan.b] [trojan.js.downloader.1]
4afa0ed70a9a5892d71ee6c74b6ad763	[HEUR.JS.Trojan.b] [trojan.js.downloader.1]
b7b5b4f9fac3b6de82d5fc3ac4665d8c	[HEUR.JS.Trojan.b] [Win32.Trojan.Raas.Auto] [trojan.js.downloader.1]
e66009d3c69f364568d5f0d5dd6ec2d0	[HEUR.JS.Trojan.b] [trojan.js.downloader.1]
faf9673cc7917a298df094c164c4c791	[HEUR.JS.Trojan.b] [JS_NEMUCOD.YYKD] [JS/TrojanDownloader.Nemucod.IT] [Win32.Trojan.Raas.Auto] [trojan.js.downloader.1]
567155206592d2dfe5d384d90ff1e3b5	[HEUR.JS.Trojan.b] [Win32.Trojan.Raas.Auto] [trojan.js.downloader.1]
feb5ca0422b679f0482556106cc0f938
ddc2388cc60d04295f1cf28ab03b48de	[HEUR.JS.Trojan.b] [JS_DLOADR.JBPO] [Win32.Trojan.Raas.Auto] [JS_DLOADR.JBPO] [trojan.js.downloader.1]
4b2da56462bce7ec5f456559fc99d298	[HEUR.JS.Trojan.b] [Win32.Trojan.Raas.Auto] [trojan.js.downloader.1]
0a2755cdcebfc191439bf25ce953a83d	[JS/Nemucod.dt] [JS/TrojanDownloader.Nemucod.IT] [JS_LOCKY.AE] [Win32.Trojan.Raas.Auto] [JS/DwnLdr-NGL] [Trojan-Downloader:JS/Dridex.W] [JS_LOCKY.AE] [JS/Locky.D!Camelot] [JS/Nemucod.IT!tr.dldr] [HEUR.JS.Trojan.b] [TrojanDownloader:JS/Locky] [Trojan-Downloader.JS.Nemucod] [trojan.js.downloader.1]
069fa2f0510aea89d3e841a5d8185250	[JS/Nemucod.dt] [JS/TrojanDownloader.Nemucod.IT] [JS_LOCKY.AE] [Win32.Trojan.Raas.Auto] [JS/DwnLdr-NGL] [Trojan-Downloader:JS/Dridex.W] [JS_LOCKY.AE] [JS/Locky.D!Camelot] [JS/Nemucod.IT!tr.dldr] [HEUR.JS.Trojan.b] [TrojanDownloader:JS/Swabfex.P] [Trojan-Downloader.JS.Nemucod] [trojan.js.downloader.1]

Whois

Property	Value
Name	Vitalii Stepovenco
NameServer	ns5.tophost.md
Created	2015-10-08 00:00:00
Expires	2016-10-08 00:00:00