Domain > mengzhaoshituan.com

More information on this domain is in AlienVault OTX

Is this malicious?

Reports

http://www.malware-traffic-analysis.net/2016/01/26...

https://otx.alienvault.com/pulse/56a8fdce67db8c6aa...

Files that talk to mengzhaoshituan.com

MD5	A/V
900b693a093da57191e5e36e35244a82	[Trojan-Downloader:W97M/Dridex.R] [HEUR.VBA.Trojan.d]
7cce1482771f71e45773205375a45131	[BehavesLike.Win32.PWSZbot.fh]
61f847bcb69d0fe86ad7a4ba3f057be5	[W32/Kryptik.EKZF!tr]
dc44690f83f8236fb83850087d65ecce	[BehavesLike.Win32.Ransom.fh]
64f108a2b8fd67daa6099f0829761f0e	[BehavesLike.Win32.PWSZbot.gh]
7d778bdc9080698f15e04ec1e5484c86	[Trojan/PSW.OnLineGames.cbda]
1cb579be58467954f8b7d1611bb677e6	[JS.Downloader.BS] [JS/Downldr.CZ1!Eldorado] [JS/Downldr.CZ1!Eldorado] [HEUR.JS.Trojan.a]
ab76e674f506a16845c1f5026d23c43b
cf5a089bf47211b2299c93458f44a031	[JS.Downloader.BS] [JS/Downldr.CZ1!Eldorado] [JS/Downldr.CZ1!Eldorado] [HEUR.JS.Trojan.a]
341efc979b524ca59c257617574ae361
19c3d8ce4b652816ef249aca4ff140a3	[Mal/EncPk-ABL]
3bc10ebbedcf632c86737cb79725e10c	[Ransom.Crowti.G4]
665a7e105b6fd741bcb898b0b1d3f57f	[JS.Downloader.BS] [JS/Downldr.CZ1!Eldorado] [JS/Downldr.CZ1!Eldorado] [HEUR.JS.Trojan.a]
9d04e4c80c7baf73d4e44e11d71216d5	[Ransom.Crowti.G4]
2b7ec953a9c043738125f0379a25d730	[Artemis!2B7EC953A9C0] [Trojan.MalPack] [Trojan.Bitman!] [Suspicious.Cloud.9] [Ransom_CRYPTESLA.YUYAGU] [Trojan-Ransom.Win32.Bitman.fpd] [Trojan.DownLoader19.5690] [Ransom_CRYPTESLA.YUYAGU] [BehavesLike.Win32.PWSZbot.dh] [Mal/EncPk-ABL] [W32/Kryptik.EHEZ!tr] [Trojan.Razy.D110E] [VirTool:Win32/CeeInject.GF] [Trojan/Win32.Teslacrypt] [Adware.Win32.iBryte.EHEZ] [Trojan.Win32.Crypt] [Crypt5.ADJY] [Win32/Trojan.6e4]
6721a3616e4bd381e91f8fd4fc3f4651	[Troj.Downloader.Script!c] [Trojan.Script.Nemucod.dzmpqx] [JS.DownLoader.696] [Troj/JSDldr-DH] [TrojanDownloader:JS/Swabfex.G]
01665d8af790763b3668af90dc077ea1
795aa090240094ad58a6a567fb612db4	[W32.XbisranAF.Trojan] [Ransom.FileLocker] [Trojan.Bitman!] [Ransom_CRYPTESLA.YUYAGX] [Trojan-Ransom.Win32.Bitman.fay] [Trojan.Win32.Zegost.dzumpr] [TrojWare.Win32.Kryptik.~ELDZ] [Ransom_CRYPTESLA.YUYAGX] [BehavesLike.Win32.Trojan.fh] [W32/Dorkbot-LF] [Worm.Ngrbot.lf] [Trojan[Ransom]/Win32.Bitman] [Trojan.Win32.A.Bitman.398336[h]] [Trojan/Win32.Teslacrypt] [Ransom:Win32/Tescrypt!rfn] [Trj/CI.A] [Win32.Trojan.Bitman.Ahyo] [Trojan.Win32.Crypt] [W32/Kryptik.ELDZ!tr] [Ransomer.KUG] [Win32/Backdoor.142]
b3825494d54321c5bce0d4845fcfa86c	[Trojan/W32.Bitman.462848] [Ransom.Crowti.G4] [Ransom.FileCryptor] [Trojan.Win32.Encoder.dzxaey] [Trojan-Ransom.Win32.Bitman.fuh] [Trojan.Bitman!] [Troj.W32.Yakes] [Mal/Tinba-T] [Trojan.Encoder.3564] [Backdoor.PePatch.Win32.97322] [BehavesLike.Win32.Backdoor.gc] [W32/Trojan.ITPF-7926] [Trojan.Bitman.ed] [TR/Crypt.ZPACK.181556] [Trojan[Ransom]/Win32.Bitman] [Ransom:Win32/Tescrypt.D] [Trojan/Win32.Teslacrypt] [Ransomware-FCW!B3825494D543] [W32/Kryptik.ELNU!tr] [Crypt5.ADRF]
45f325874eeb70f689e8faaa88d88c58	[Trojan/W32.Inject.417792.I] [Trojan.Dynamer.r12] [BackDoor-FDAL!45F325874EEB] [Trojan.MalPack] [Trojan.Inject!9Z5Jiv9wvTg] [Trojan.Win32.Inject.vtaf] [Troj.W32.Inject!c] [Troj/DwnLdr-NBT] [TrojWare.Win32.Inject.~IE] [Trojan.Inject.Win32.188898] [BehavesLike.Win32.PackedAP.gh] [W32/Trojan.JQBS-8670] [Trojan.PornoAsset.dg] [TR/Crypt.ZPACK.181379] [Trojan/Win32.Inject] [Ransom:Win32/Tescrypt!rfn] [Trojan/Win32.Teslacrypt] [Trojan.Inject] [Trj/GdSda.A] [Win32.Trojan.Inject.Pfjn] [Trojan.Win32.Crypt] [W32/DwnLdr.ELLG!tr] [Ransomer.KUL] [Adware.Win32.iBryte.ELLG]

Whois

Property	Value
Name	PERFECT PRIVACY, LLC
Email	q67g34nm75u@networksolutionsprivateregistration.com
Address	12808 Gran Bay Parkway West
Zip Code	32258
City	Jacksonville
State	FL
Country	US
Phone	+1.5707088780
NameServer	NS46.DOMAINCONTROL.COM
Created	2014-06-11 05:29:28
Changed	2015-04-29 07:07:33
Expires	2016-06-11 00:00:00
Registrar	NETWORK SOLUTIONS, L