Domain > classemgmt.testbada.com

More information on this domain is in AlienVault OTX

Is this malicious?

Reports

http://ransomwaretracker.abuse.ch/blocklist/

https://otx.alienvault.com/pulse/56f02c1967db8c5ce...

http://ransomwaretracker.abuse.ch/blocklist/

https://ransomwaretracker.abuse.ch/downloads/RW_UR...

https://blogs.sophos.com/2016/01/06/the-current-st...

Files that talk to classemgmt.testbada.com

MD5	A/V
c7c8f1ce94f5abb71857f88b049ea1fe	[Ransom.TeslaCrypt] [Win32.Trojan.WisdomEyes.151026.9950.9998] [Trojan.AVKill.60585] [TR/Crypt.Xpack.435323] [Trojan/Win32.Teslacrypt]
643f88f2a0616be6f4226c623fbf0e7b	[HW32.Packed.7731] [Suspect-AN!643F88F2A061] [Win32.Trojan.WisdomEyes.151026.9950.9999] [Suspicious.Cloud.5] [BehavesLike.Win32.Virut.fc]
17a8fac6cbd8746395185ef473ed7819
45fe60b0507e925a64c8a4a9eff277cd	[HW32.Packed.5331] [Ransom.TeslaCrypt] [Win32.Trojan.WisdomEyes.151026.9950.9999] [Suspicious.Cloud.5] [Win32.Trojan.Raas.Auto] [Trojan.AVKill.60585] [BehavesLike.Win32.PWSZbot.fc] [TR/Crypt.ZPACK.237832] [Suspect-AN!45FE60B0507E] [W32/Kryptik.ERSK!tr]
f0ae45e5137e2b9d1bf935d386d72d84	[HW32.Packed.DCBC] [Ransom.TeslaCrypt] [Win32.Trojan.WisdomEyes.151026.9950.9999] [Trojan.Cryptolocker.N] [Trojan-Ransom.Win32.Bitman.tll] [Trojan.Win32.U.Ransom.324608[h]] [Win32.Trojan.Raas.Auto] [Trojan.AVKill.60585] [BehavesLike.Win32.Expiro.fc] [Artemis!F0AE45E5137E] [Win32/Trojan.97a]
194023b9311b7a58e27bb4ffa3a78456	[Win32.Trojan.WisdomEyes.151026.9950.9964] [Trojan/Win32.Teslacrypt]
8feaefdba3f88f8c62feea0a410ff887	[Ransom.TeslaCrypt] [Win32.Trojan.WisdomEyes.151026.9950.9992] [Win32/Filecoder.TeslaCrypt.K] [Trojan.Win32.Yakes.phbj] [Trojan.Win32.U.TeslaCrypt.414628[h]] [Artemis!Trojan] [Trojan/Win32.Teslacrypt] [Artemis!8FEAEFDBA3F8] [Win32.Trojan.Filelocker.Egow] [Trojan.Win32.Filecoder]
8bd9598dbc54f7dd6683ff78c0b2183d	[Win32.Trojan.WisdomEyes.151026.9950.9999] [Trojan/Win32.Teslacrypt]
b25dea987aab929ffa60ac9c50bcf9c0	[Ransom.TeslaCrypt] [Win32.Trojan.WisdomEyes.151026.9950.9999] [Trojan.Win32.AVKill.ebbyxx] [Trojan.Cryptolocker.N] [Win32/Filecoder.TeslaCrypt.K] [Ransom_CRYPTESLA.YUYAJY] [Trojan-Ransom.Win32.Bitman.tuh] [Uds.Dangerousobject.Multi!c] [Mal/Ransom-EM] [Ransom_CRYPTESLA.YUYAJY] [BehavesLike.Win32.Downloader.fh] [TR/Crypt.Xpack.426272] [Ransom:Win32/Tescrypt.R] [RDN/Ransomware-FHE] [Trj/TeslaCrypt.A] [Trojan.Win32.Filecoder] [FileCryptor.IWG]
6a220cd5bee00f03ede29a21b7c387f5	[W32.KrypserLTV.Trojan] [Ransom.Teslacrypt.OD4] [Ransomware-FHE!6A220CD5BEE0] [Ransom.TeslaCrypt] [Win32.Trojan.WisdomEyes.151026.9950.9999] [Trojan.Cryptolocker.N] [Ransom_CRYPTESLA.USVNC21] [Trojan-Ransom.Win32.Bitman.tyu] [Trojan.Win32.AVKill.ebbssz] [Troj/Ransom-CON] [Trojan.AVKill.60650] [Ransom_CRYPTESLA.USVNC21] [Ransomware-FHE!6A220CD5BEE0] [Trojan.Bitman.xb] [TR/Crypt.Xpack.425746] [Ransom:Win32/Tescrypt.R] [Troj.Ransom.Atb!c] [Trojan.Ransom.TeslaCrypt] [Trojan.Win32.Injector.CUYA] [Win32.Trojan.Filelocker.Wofy] [Trojan-Ransom.TeslaCrypt4] [W32/CUYA.CON!tr]
70490bacac6788d363e8835269eec643	[Trojan/W32.Ransom.372736.B] [Ransomware-FHE!70490BACAC67] [Ransom.TeslaCrypt] [Win32.Trojan.WisdomEyes.151026.9950.9993] [Win32/Filecoder.TeslaCrypt.K] [TROJ_FRS.0NA003CO16] [Mal/Ransom-EM] [Trojan.AVKill.60660] [TROJ_FRS.0NA003CO16] [Ransom:Win32/Tescrypt.R] [Trojan.Midie.D2105] [Trj/GdSda.A] [Trojan-Ransom.TeslaCrypt4] [FileCryptor.IWB] [Win32/Trojan.640]
4e857f1b4df28830db7dd538ef4f433b	[Ransom.TeslaCrypt] [Trojan.Injector.Win32.368732] [Win32.Trojan.WisdomEyes.151026.9950.9999] [Trojan.Cryptolocker.N] [Ransom_HPCRYPTESLA.SM2] [Trojan.Win32.AVKill.ebbtjs] [Win32.Trojan.Filelocker.Pgdh] [Mal/Ransom-EM] [Trojan.AVKill.60627] [Ransomware-FHE!4E857F1B4DF2] [Trojan.Yakes.idh] [TR/Crypt.Xpack.435558] [Trojan/Win32.Yakes] [Ransom:Win32/Tescrypt!rfn] [Trojan.Zusy.D2D4F1] [Trojan/Win32.Teslacrypt] [Ransomware-FHE!4E857F1B4DF2] [FileCryptor.ISJ] [Trj/GdSda.A]
e0de7f084225e309356327fd92caceb9
8808d2f3e814946a452128f3740bf306	[Ransom.TeslaCrypt] [Win32.Trojan.WisdomEyes.151026.9950.9999] [Ransom_CRYPTESLA.YUYAJU] [Trojan.Win32.Yakes.phjx] [Trojan.AVKill.60585] [Ransom_CRYPTESLA.YUYAJU] [W32/Ransom.BVKY-4469] [Trojan.Yakes.ieb] [TR/Crypt.Xpack.425097] [Trojan/Win32.Yakes] [Ransom:Win32/Tescrypt!rfn] [Ransomware-FHE!8808D2F3E814] [Win32.Trojan.Yakes.Dyqa] [Inject3.AFIJ] [Trj/GdSda.A]
64d034d44d056397ae1de9ba37bb480b	[HW32.Packed.3520] [Artemis!64D034D44D05] [Ransom.TeslaCrypt] [Win32.Trojan.WisdomEyes.151026.9950.9999] [Suspicious.Cloud.5] [Trojan-Ransom.Win32.Bitman.tla] [Win32.Trojan.Bitman.Wqdc] [Trojan.AVKill.60585] [BehavesLike.Win32.Expiro.fc] [TR/Crypt.ZPACK.237777] [Trojan/Win32.Teslacrypt]
893da28a2b2e5bc0f25b27e3ca6b0375	[HW32.Packed.1057] [Trojan/W32.Ransom.324096] [Artemis!893DA28A2B2E] [Ransom.TeslaCrypt] [Win32.Trojan.WisdomEyes.151026.9950.9999] [Suspicious.Cloud.5] [Trojan-Ransom.Win32.Bitman.tle] [Win32.Trojan.Bitman.Eadp] [Trojan.AVKill.60585] [BehavesLike.Win32.Expiro.fc] [TR/Crypt.ZPACK.237777] [Trojan/Win32.Teslacrypt] [Trj/GdSda.A] [W32/Kryptik.ERSK!tr]
41794429d51566e602188c9f47582a0b	[Trojan/W32.TeslaCrypt.372736] [Ransom.Teslacrypt.OD4] [Ransom.TeslaCrypt] [Win32.Trojan.WisdomEyes.151026.9950.9999] [Win32/Filecoder.TeslaCrypt.K] [Ransom_HPCRYPTESLA.SM2] [Trojan.Win32.Yakes.pjpl] [Trojan.Win32.AVKill.ebbsfu] [Mal/Ransom-EG] [Trojan.AVKill.60640] [RDN/Ransomware-FHE] [W32/Trojan.LQRR-1514] [Trojan.Yakes.ilz] [TR/Crypt.Xpack.425953] [Ransom:Win32/Tescrypt] [Trojan.Symmi.DF347] [RDN/Ransomware-FHE] [Trojan.Yakes] [Win32.Trojan.Yakes.Pavp] [Trojan.Yakes!RJpPgelM4YU] [Trojan.Win32.Filecoder] [FileCryptor.ITJ]
60efc6fb2b14ebaf349f8052072b25c2	[Ransom.TeslaCrypt] [Win32.Trojan.WisdomEyes.151026.9950.9996] [Win32/Filecoder.TeslaCrypt.K] [Trojan.AVKill.60644] [TR/Crypt.Xpack.425685] [Trojan/Win32.Teslacrypt] [Trj/TeslaCrypt.A]
feb36b0b30bba7a07aa40226775acb59	[Ransom.TeslaCrypt] [Win32.Trojan.WisdomEyes.151026.9950.9998] [Trojan.Cryptolocker.N] [Ransom_CRYPTESLA.YUYAJQ] [Trojan.Win32.Yakes.pgzc] [Trojan.AVKill.60585] [Ransom_CRYPTESLA.YUYAJQ] [BehavesLike.Win32.Ransomware.gh] [TR/Crypt.Xpack.435323] [Trojan.Graftor.D4337F] [Trojan/Win32.Teslacrypt] [FileCryptor.IQS]
668364fcf9c5449680c0d4be77785f1d	[HW32.Packed.73AA] [Trojan.Bedep] [Troj.W32.Yakes] [Win32.Trojan.WisdomEyes.151026.9950.9999] [Win32/Filecoder.TeslaCrypt.K] [Trojan.AVKill.60677] [Trojan/Win32.FakeMS] [W32/Kryptik.EQBM!tr]

Whois

Property	Value
Email	junseok.lee@edushare.kr
NameServer	NS31.DNSZI.COM
Created	2011-07-13 00:00:00
Changed	2015-11-27 00:00:00
Expires	2016-07-13 00:00:00
Registrar	MEGAZONE CORP. DBA H