Domain > polyhedrusgroup.com

More information on this domain is in AlienVault OTX

Reports

https://otx.alienvault.com/pulse/56be641e67db8c71b...    
https://www.virustotal.com/en/file/c132ca179787171...    

Files that talk to polyhedrusgroup.com


Whois

Property      Value
Email         RVHVNWNRC@WHOISPRIVACYPROTECT.COM
NameServer    NS2.SHEEP.ARVIXE.COM
Created       2014-10-15 00:00:00
Changed       2015-09-30 00:00:00
Expires       2016-10-15 00:00:00
Registrar     ENOM, INC.

DNS Resolutions

Date          IP Address
2014-10-19    108.175.159.4 (ClassC)
2025-07-03    143.95.229.33 (ClassC)

Port 80

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others.



© Copyright 2019 AlienVault, Inc.