
Domain > ria-ru.xicp.net

This indicator is referenced in AlienVault OTX pulse ""

Is this malicious?

Most users have voted this as MALICIOUS

Reports

https://otx.alienvault.com/pulse/56aa6c6e67db8c6aa...    
https://www.proofpoint.com/us/exploring-bergard-ol...    

Files that talk to ria-ru.xicp.net

MD5 | A/V
950c4074cf593ef87914d40bf1cfa3c7 |
2c7bad4f4a4df3025aa1345db27c7408 | [Trojan.MulDrop4.31630] [Win32/Korplug.AK] [W32/Korplug.AK] [SHeur4.BFFB] [Backdoor.Win32.Plugx] [Backdoor.Win32.Gulpix.rr] [Backdoor*Win32/Plugx.A] [Worm.Luder.Win32.168]

Whois

Property | Value
Email | yezi@oray.com
NameServer | NS2.EXHERA.COM
Created | 2001-08-15 00:00:00
Changed | 2014-03-28 00:00:00
Expires | 2015-08-15 00:00:00
Registrar | SHANGHAI BEST ORAY I