Domain > primasentrausaha.com

More information on this domain is in AlienVault OTX

Reports

https://blogs.sophos.com/2016/01/06/the-current-st...

Files that talk to primasentrausaha.com

MD5	A/V
a1425da461babbf6e60368f19f6d5f7c
721708e86afab9bc80c00981f6b0a564	[Trojan.Kovter] [Trojan.AVKill.60640] [BehavesLike.Win32.PWSZbot.dc] [Mal/Behav-116] [Trojan.Graftor.D432EA] [W32/TeslaCrypt.I!tr] [Ransom_r.S]
3c0b884e2e14f1e0d3172f362769a32a	[Ransomware-FHE!3C0B884E2E14] [Trojan.SelfDelete] [Win32.Trojan.WisdomEyes.151026.9950.9999] [BehavesLike.Win32.Autorun.fh]
c4322fb65e4275fa258193aa2ec0450b	[Win32.Trojan.Filelocker.Swak]
b25dea987aab929ffa60ac9c50bcf9c0	[Ransom.TeslaCrypt] [Win32.Trojan.WisdomEyes.151026.9950.9999] [Trojan.Win32.AVKill.ebbyxx] [Trojan.Cryptolocker.N] [Win32/Filecoder.TeslaCrypt.K] [Ransom_CRYPTESLA.YUYAJY] [Trojan-Ransom.Win32.Bitman.tuh] [Uds.Dangerousobject.Multi!c] [Mal/Ransom-EM] [Ransom_CRYPTESLA.YUYAJY] [BehavesLike.Win32.Downloader.fh] [TR/Crypt.Xpack.426272] [Ransom:Win32/Tescrypt.R] [RDN/Ransomware-FHE] [Trj/TeslaCrypt.A] [Trojan.Win32.Filecoder] [FileCryptor.IWG]
6a220cd5bee00f03ede29a21b7c387f5	[W32.KrypserLTV.Trojan] [Ransom.Teslacrypt.OD4] [Ransomware-FHE!6A220CD5BEE0] [Ransom.TeslaCrypt] [Win32.Trojan.WisdomEyes.151026.9950.9999] [Trojan.Cryptolocker.N] [Ransom_CRYPTESLA.USVNC21] [Trojan-Ransom.Win32.Bitman.tyu] [Trojan.Win32.AVKill.ebbssz] [Troj/Ransom-CON] [Trojan.AVKill.60650] [Ransom_CRYPTESLA.USVNC21] [Ransomware-FHE!6A220CD5BEE0] [Trojan.Bitman.xb] [TR/Crypt.Xpack.425746] [Ransom:Win32/Tescrypt.R] [Troj.Ransom.Atb!c] [Trojan.Ransom.TeslaCrypt] [Trojan.Win32.Injector.CUYA] [Win32.Trojan.Filelocker.Wofy] [Trojan-Ransom.TeslaCrypt4] [W32/CUYA.CON!tr]
70490bacac6788d363e8835269eec643	[Trojan/W32.Ransom.372736.B] [Ransomware-FHE!70490BACAC67] [Ransom.TeslaCrypt] [Win32.Trojan.WisdomEyes.151026.9950.9993] [Win32/Filecoder.TeslaCrypt.K] [TROJ_FRS.0NA003CO16] [Mal/Ransom-EM] [Trojan.AVKill.60660] [TROJ_FRS.0NA003CO16] [Ransom:Win32/Tescrypt.R] [Trojan.Midie.D2105] [Trj/GdSda.A] [Trojan-Ransom.TeslaCrypt4] [FileCryptor.IWB] [Win32/Trojan.640]
e0de7f084225e309356327fd92caceb9
41794429d51566e602188c9f47582a0b	[Trojan/W32.TeslaCrypt.372736] [Ransom.Teslacrypt.OD4] [Ransom.TeslaCrypt] [Win32.Trojan.WisdomEyes.151026.9950.9999] [Win32/Filecoder.TeslaCrypt.K] [Ransom_HPCRYPTESLA.SM2] [Trojan.Win32.Yakes.pjpl] [Trojan.Win32.AVKill.ebbsfu] [Mal/Ransom-EG] [Trojan.AVKill.60640] [RDN/Ransomware-FHE] [W32/Trojan.LQRR-1514] [Trojan.Yakes.ilz] [TR/Crypt.Xpack.425953] [Ransom:Win32/Tescrypt] [Trojan.Symmi.DF347] [RDN/Ransomware-FHE] [Trojan.Yakes] [Win32.Trojan.Yakes.Pavp] [Trojan.Yakes!RJpPgelM4YU] [Trojan.Win32.Filecoder] [FileCryptor.ITJ]
60efc6fb2b14ebaf349f8052072b25c2	[Ransom.TeslaCrypt] [Win32.Trojan.WisdomEyes.151026.9950.9996] [Win32/Filecoder.TeslaCrypt.K] [Trojan.AVKill.60644] [TR/Crypt.Xpack.425685] [Trojan/Win32.Teslacrypt] [Trj/TeslaCrypt.A]
668364fcf9c5449680c0d4be77785f1d	[HW32.Packed.73AA] [Trojan.Bedep] [Troj.W32.Yakes] [Win32.Trojan.WisdomEyes.151026.9950.9999] [Win32/Filecoder.TeslaCrypt.K] [Trojan.AVKill.60677] [Trojan/Win32.FakeMS] [W32/Kryptik.EQBM!tr]
511c045ddb2cbea5ff4165bd96d4821c	[W32.KrypserLTAA.Trojan] [Ransomware-FHE!511C045DDB2C] [Ransom.TeslaCrypt] [Trojan.Filecoder.Win32.2156] [Uds.Dangerousobject.Multi!c] [Win32.Trojan.WisdomEyes.151026.9950.9999] [Win32/Filecoder.TeslaCrypt.K] [Ransom_HPCRYPTESLA.SM2] [Trojan-Ransom.Win32.Bitman.uao] [Trojan.Win32.AVKill.ebbyxx] [Mal/Ransom-EM] [Trojan.AVKill.60668] [Ransomware-FHE!511C045DDB2C] [TR/Crypt.Xpack.426272] [Ransom:Win32/Tescrypt.R] [Trj/TeslaCrypt.A] [Win32.Trojan.Filelocker.Srng] [Trojan.Win32.Filecoder] [W32/Kryptik.ESFA!tr] [FileCryptor.IWG]

Whois

Property	Value
Email	HOSTMASTER@ORION.NET.ID
NameServer	B.HOSTING.ORION.NET.ID
Created	2011-02-10 00:00:00
Changed	2016-02-10 00:00:00
Expires	2017-02-10 00:00:00
Registrar	ENOM, INC.

DNS Resolutions

Date	IP Address
2020-02-11	198.54.117.197 (ClassC)
2020-02-11	198.54.117.198 (ClassC)
2020-02-11	198.54.117.199 (ClassC)
2020-02-11	198.54.117.200 (ClassC)
2022-03-17	203.84.156.154 (ClassC)
2023-12-03	203.84.158.74 (ClassC)
2026-02-07	203.175.9.73 (ClassC)

Port 80

HTTP/1.1 200 OKDate: Sat, 08 Jun 2019 02:38:52 GMTServer: ApacheX-Powered-By: PHP/5.6.35Connection: closeTransfer-Encoding: chunkedContent-Type: text/html; charsetUTF-8

!doctype html>html langen-GB>head>	meta charsetUTF-8>	meta nameviewport contentwidthdevice-width, initial-scale1>	link relprofile hrefhttp://gmpg.org/xfn/11>	title>Prima Sentra Usaha – Just another WordPress site/title>link reldns-prefetch href//psu-asia.co.id />link reldns-prefetch href//fonts.googleapis.com />link reldns-prefetch href//s.w.org />link relalternate typeapplication/rss+xml titlePrima Sentra Usaha » Feed hrefhttp://psu-asia.co.id/feed/ />link relalternate typeapplication/rss+xml titlePrima Sentra Usaha » Comments Feed hrefhttp://psu-asia.co.id/comments/feed/ />		script typetext/javascript>			window._wpemojiSettings  {baseUrl:https://s.w.org/images/core/emoji/2.4/72x72/,ext:.png,svgUrl:https://s.w.org/images/core/emoji/2.4/svg/,svgExt:.svg,source:{concatemoji:http://psu-asia.co.id/wp-includes/js/wp-emoji-release.min.js?ver4.9.4}};			!function(a,b,c){function d(a,b){var cString.fromCharCode;l.clearRect(0,0,k.width,k.height),l.fillText(c.apply(this,a),0,0);var dk.toDataURL();l.clearRect(0,0,k.width,k.height),l.fillText(c.apply(this,b),0,0);var ek.toDataURL();return de}function e(a){var b;if(!l||!l.fillText)return!1;switch(l.textBaselinetop,l.font600 32px Arial,a){caseflag:return!(bd(55356,56826,55356,56819,55356,56826,8203,55356,56819))&&(bd(55356,57332,56128,56423,56128,56418,56128,56421,56128,56430,56128,56423,56128,56447,55356,57332,8203,56128,56423,8203,56128,56418,8203,56128,56421,8203,56128,56430,8203,56128,56423,8203,56128,56447),!b);caseemoji:return bd(55357,56692,8205,9792,65039,55357,56692,8203,9792,65039),!b}return!1}function f(a){var cb.createElement(script);c.srca,c.deferc.typetext/javascript,b.getElementsByTagName(head)0.appendChild(c)}var g,h,i,j,kb.createElement(canvas),lk.getContext&&k.getContext(2d);for(jArray(flag,emoji),c.supports{everything:!0,everythingExceptFlag:!0},i0;ij.length;i++)c.supportsjie(ji),c.supports.everythingc.supports.everything&&c.supportsji,flag!ji&&(c.supports.everythingExceptFlagc.supports.everythingExceptFlag&&c.supportsji);c.supports.everyt

Port 443

HTTP/1.1 200 OKDate: Sat, 08 Jun 2019 02:38:54 GMTServer: ApacheX-Powered-By: PHP/5.6.35Connection: closeTransfer-Encoding: chunkedContent-Type: text/html; charsetUTF-8

!doctype html>html langen-GB>head>	meta charsetUTF-8>	meta nameviewport contentwidthdevice-width, initial-scale1>	link relprofile hrefhttp://gmpg.org/xfn/11>	title>Prima Sentra Usaha – Just another WordPress site/title>link reldns-prefetch href//psu-asia.co.id />link reldns-prefetch href//fonts.googleapis.com />link reldns-prefetch href//s.w.org />link relalternate typeapplication/rss+xml titlePrima Sentra Usaha » Feed hrefhttps://psu-asia.co.id/feed/ />link relalternate typeapplication/rss+xml titlePrima Sentra Usaha » Comments Feed hrefhttps://psu-asia.co.id/comments/feed/ />		script typetext/javascript>			window._wpemojiSettings  {baseUrl:https://s.w.org/images/core/emoji/2.4/72x72/,ext:.png,svgUrl:https://s.w.org/images/core/emoji/2.4/svg/,svgExt:.svg,source:{concatemoji:https://psu-asia.co.id/wp-includes/js/wp-emoji-release.min.js?ver4.9.4}};			!function(a,b,c){function d(a,b){var cString.fromCharCode;l.clearRect(0,0,k.width,k.height),l.fillText(c.apply(this,a),0,0);var dk.toDataURL();l.clearRect(0,0,k.width,k.height),l.fillText(c.apply(this,b),0,0);var ek.toDataURL();return de}function e(a){var b;if(!l||!l.fillText)return!1;switch(l.textBaselinetop,l.font600 32px Arial,a){caseflag:return!(bd(55356,56826,55356,56819,55356,56826,8203,55356,56819))&&(bd(55356,57332,56128,56423,56128,56418,56128,56421,56128,56430,56128,56423,56128,56447,55356,57332,8203,56128,56423,8203,56128,56418,8203,56128,56421,8203,56128,56430,8203,56128,56423,8203,56128,56447),!b);caseemoji:return bd(55357,56692,8205,9792,65039,55357,56692,8203,9792,65039),!b}return!1}function f(a){var cb.createElement(script);c.srca,c.deferc.typetext/javascript,b.getElementsByTagName(head)0.appendChild(c)}var g,h,i,j,kb.createElement(canvas),lk.getContext&&k.getContext(2d);for(jArray(flag,emoji),c.supports{everything:!0,everythingExceptFlag:!0},i0;ij.length;i++)c.supportsjie(ji),c.supports.everythingc.supports.everything&&c.supportsji,flag!ji&&(c.supports.everythingExceptFlagc.supports.everythingExceptFlag&&c.supportsji);c.supports.eve

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]