Domain > lidgroup.ru

More information on this domain is in AlienVault OTX

Reports

http://malware-traffic-analysis.net/2016/05/31/ind...    
http://malware-traffic-analysis.net/2016/05/31/ind...    
http://www.malware-traffic-analysis.net/2016/05/31...    

Files that talk to lidgroup.ru

MD5 | A/V
b397a094feb048c8bc6d9072e0c56744 | [JS:Trojan.JS.Downloader.DKX] [Trojan.JYQE-2] [JS:Trojan.JS.Downloader.DKX] [Troj/JSDldr-MC] [BehavesLike.JS.Exploit.lj] [TrojanDownloader:JS/Locky.A] [HEUR.JS.Trojan.ba] [JS/Nemucod.ke] [Js.Trojan.Raas.Auto] [Trojan-Ransom.Script.Locky]
8408eee6db819f783a196a34fe9b0894 | [JS:Trojan.JS.Downloader.DKX] [JS:Trojan.JS.Downloader.DKX] [JS_LOCKY.FS] [JS:Trojan.JS.Downloader.DKX] [JS:Trojan.JS.Downloader.DKX] [Troj/JSDldr-MC] [JS:Trojan.JS.Downloader.DKX] [JS_LOCKY.FS] [BehavesLike.JS.Downloader.lj] [JS/Dldr.Locky.wgtc] [JS:Trojan.JS.Downloader.DKX] [TrojanDownloader:JS/Locky.A] [JS/Nemucod.ke] [Js.Trojan.Raas.Auto] [Trojan-Ransom.Script.Locky]
6e95437c5c98c50aff50fcc3f42ba22f | [JS:Trojan.JS.Downloader.DKX] [JS:Trojan.JS.Downloader.DKX] [JS:Trojan.JS.Downloader.DKX] [JS.Downloader] [JS_LOCKY.FS] [JS:Trojan.JS.Downloader.DKX] [Trojan.Script.Heuristic-js.iacgm] [JS.S.Downloader.12812.A[h]] [JS:Trojan.JS.Downloader.DKX] [Troj/JSDldr-MC] [JS:Trojan.JS.Downloader.DKX] [Trojan.Encoder.4702] [JS_LOCKY.FS] [BehavesLike.JS.Downloader.lj] [JS/Dldr.Locky.wgtc] [TrojanDownloader:JS/Locky.A] [JS:Trojan.JS.Downloader.DKX] [Js.Troj.Js.Downloader!c] [JS/Downloader] [JS:Trojan.JS.Downloader.DKX] [JS/Nemucod.ke] [Js.Trojan.Raas.Auto] [Trojan-Ransom.Script.Locky]

DNS Resolutions

Date | IP Address
2014-10-28 | 104.28.4.59 (ClassC)
2025-06-26 | 81.200.147.89 (ClassC)
2025-07-15 | 92.255.111.41 (ClassC)
2025-08-04 | 213.226.126.252 (ClassC)

Port 443

Subdomains


Data with thanks to AlienVault OTX, VirusTotal, Malwr and others.



© Copyright 2019 AlienVault, Inc.