Domain > antivirus-groups.com

This indicator is referenced in AlienVault OTX pulse ""

Is this malicious?

Most users have voted this as MALICIOUS

Reports

http://www.symantec.com/content/en/us/enterprise/m...    
https://raw.githubusercontent.com/citizenlab/malwa...    
https://raw.githubusercontent.com/fireeye/pivy-rep...    
https://www.fireeye.com/resources/pdfs/fireeye-poi...    

Files that talk to antivirus-groups.com

MD5 A/V
ef90df225101836952ad7e91b55b30cd [W32.Clod425.Trojan.e0fb] [BackDoor-FCK] [Backdoor/Poison.cnes] [Trojan.Win32.Poison.dmfrf] [W32/Poison.AG] [Backdoor.Darkmoon] [Malware.TTFU] [BKDR_POISON.BHY] [Backdoor.Win32.Poison.gegl] [Backdoor.Poison!BmCMEGzb8H8] [Troj/Poison-CR] [UnclassifiedMalware] [Trojan.KillProc.27534] [BDS/Poison.M.923] [Backdoor/Poison.pzx] [Backdoor:Win32/Poison.E] [W32/Poison.DWJN-7282] [Backdoor.Win32.Hupigon.dguz] [Win32/Inject.NFC] [Virus.Win32.Poison] [W32/Poison.CR!tr] [Backdoor.Win32.Poison.aX]
31346e5b39ddb095d76071ac86da4c2e [Downloader.Zlob.BCZD] [BDS/Poisonivy.E.857] [FakeAlert.eb] [Trojan.Poison-1488] [W32.Clod59b.Trojan.5779] [Trojan-Downloader/W32.Injecter.159762] [Trojan-Downloader.Win32.Injecter!O] [Trojan.Win32.Injecter.gieuz] [W32/Poison.Z] [Backdoor.Trojan] [Trojan-Downloader.Win32.Injecter.gxz] [Trojan.Poison!UFPJpvmSaLs] [Trojan.Win32.A.Downloader.159762] [Heur.Suspicious] [Trojan.DownLoader9.52799] [Mal_PoisonCFG] [Win32.Troj.Undef.(kcloud)] [Backdoor:Win32/Poisonivy.E] [W32/Poison.YDAP-0032] [Virus.Win32.Heur.l] [TrojanDownloader.Injecter] [Win32/Poison.NGG] [Trojan-Downloader.Win32.Injecter] [W32/FakeAlert.EB!tr] [Trojan.Win32.Injecter.Ahpn] [Win32/Trojan.Downloader.30b]

Whois

Property Value
Email ANTIVIRUS-GROUPS.COM@domainsbyproxy.com
NameServer PDNS06.DOMAINCONTROL.COM
Created 2014-08-19 00:00:00
Changed 2014-08-19 00:00:00
Expires 2015-08-19 00:00:00
Registrar GODADDY.COM, LLC