Help RSS API Feed Maltego Contact                        

Domain > oa.ameteksen.com

This indicator is referenced in AlienVault OTX pulse ""

Is this malicious?
Most users have voted this as MALICIOUS

Reports
http://blog.crowdstrike.com/sakula-reloaded/    
http://www.secureworks.com/cyber-threat-intelligen...    
http://www.symantec.com/connect/blogs/black-vine-f...    
http://www.symantec.com/content/en/us/enterprise/m...    
https://otx.alienvault.com/pulse/55b7888c4637f26f0...    
https://otx.alienvault.com/pulse/55bb9a424637f2386...    
https://otx.alienvault.com/pulse/564ce8824637f2388...    
https://otx.alienvault.com/pulse/56af8cc34637f2355...    
https://www.crowdstrike.com/blog/french-connection...    

Files that talk to oa.ameteksen.com
MD5A/V
c869c75ed1998294af3c676bdbd56851[Trojan/W32.ZxPlug.141104] [Trojan.Sakurel] [RTF/EXEDrop.A] [TROJ_SAKUREL.A] [Trojan.MulDrop!/U7HvNLW9Pg] [UnclassifiedMalware] [Trojan.MulDrop5.9639] [Win32.Troj.Sakurel.A.(kcloud)] [Trojan:Win32/Sakurel.A] [Trojan.Win32.Sakurel]

Whois
PropertyValue
NameServer NS64.DOMAINCONTROL.COM
Created 2013-10-15 00:00:00
Changed 2014-10-16 00:00:00
Expires 2015-10-15 00:00:00
Registrar GODADDY.COM, LLC