Domain > zsn5qtrgfpu4tmpg.onion.gq
More information on this domain is in AlienVault OTX.
Reports
http://ransomwaretracker.abuse.ch/feeds/csv/
https://otx.alienvault.com/pulse/56e85de34637f24cb...
Files that talk to zsn5qtrgfpu4tmpg.onion.gq
Whois
Property | Value
Email | df7a076e56588c9a.shielded@idshield.tk
DNS Resolutions
Date | IP Address
2015-01-31 | 76.74.170.223 (ClassC)
2015-04-06 | 62.210.92.11 (ClassC)
2015-04-28 | 62.210.92.11 (ClassC)
2024-06-13 | 192.42.118.104 (ClassC)
Port 80
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 07 Jun 2019 18:57:11 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.spamhaus.org/

<html><head><title>301 Moved Permanently</title></head><body bgcolor="white"><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>
Data with thanks to AlienVault OTX, VirusTotal, Malwr and others.