Domain > khdt1.zapto.org

This indicator is referenced in AlienVault OTX pulse ""

Is this malicious?

Most users have voted this as MALICIOUS

Reports

http://www.threatgeek.com/2016/11/down-the-h-w0rm-...

Files that talk to khdt1.zapto.org

MD5	A/V
2708a72f6a43812fffda7e4e4b7db1e3	[MW.Clod681.Trojan.6948] [Worm.VBS.Dunihi.W] [VBS/Autorun.worm.aafz] [NetWorm] [VBS.Dunihi] [VBS_DUNIHI.BK] [Trojan.VBS.Crypt.e] [UnclassifiedMalware] [VBS/Jenxcus.lsa.1] [Troj/VBS-CQ] [Trojan.KTSR-9] [VBS/Kryptik.I] [VBS.Decode]
76549b51145255559ccd2ca57f10ebe6	[HW32.CDB.6d80] [Artemis!76549B511452] [WS.Reputation.1] [Trojan-Dropper.Win32.Sysn.shm] [UnclassifiedMalware] [Trj/CI.A] [Win32.Troj.Sysn.s.(kcloud)] [Trojan.Autoit.F] [Win32/Packed.Autoit.H] [Trojan-Dropper.Win32.Sysn] [W32/Sysn.SHM!tr] [MultiDropper_c.DTI]
f768bdd97ab8d4afd4e19a372e0ec2d4	[ZeroAccess] [Trojan/Packed.AutoIt.b] [Win32/FakeIE_i] [Win.Trojan.Autoit-371] [Trojan-Dropper.Win32.Autoit.bjn] [UnclassifiedMalware] [TR/Drop.Autoit.bjn] [Artemis!F768BDD97AB8] [Dropper.A.Autoit.698877] [Trojan.Autoit.Wirus] [Trojan-Spy.Win32.Zbot] [W32/Autoit.BJN!tr] [Trj/CI.A]

Whois

Property	Value
Name	Domain Operations No-IP.com
Organization	Vitalwerks Internet Solutions, LLC
Email	domains@no-ip.com
Zip Code	89502
City	Reno
State	NV
Country	US
Phone	+1.17758531883
NameServer	nf2.no-ip.com
Created	2001-08-10 04:24:14
Changed	2014-10-13 02:20:34
Expires	2017-08-10 04:24:14
Registrar	TLDS L.L.C. d/b/a SR