Domain > rfihub.com

More information on this domain is in AlienVault OTX

Reports

https://blog.malwarebytes.org/cybercrime/2016/05/n...    
https://blog.malwarebytes.org/cybercrime/exploits/...    
https://blog.malwarebytes.com/cybercrime/2016/07/n...    

Files that talk to rfihub.com


Whois

Property     Value
NameServer   NS2.P05.DYNECT.NET
Created      2008-05-14 00:00:00
Changed      2015-05-15 00:00:00
Expires      2016-05-14 00:00:00
Registrar    GODADDY.COM, LLC