Domain > sdup.qh-lb.com

More information on this domain is in AlienVault OTX

Is this malicious?

Reports

http://blog.malwaremustdie.org/2015/09/mmd-0042-20...

https://otx.alienvault.com/pulse/55ef0d8a4637f26df...

Files that talk to sdup.qh-lb.com

MD5	A/V
30e22da1e83695a42804b339fb72d364	[Backdoor*Win32/Zegost.B]
12bf48aad67e6aa7ded1498c4858d865	[Backdoor*Win32/Zegost.B]
f5ca13562fb1b3cec45358021a3b4a25
98e94fc3e873c315622db695c02520a4	[TrojanDropper*Win32/Zegost.B]
2ddadf338a58337d51c70f2b3105a5b2
f975521a337dbd521fb6e63bd18b6f8e	[Backdoor*Win32/Zegost.B]
f8cb854597c18887433265702a72cfd4	[Trojan.Spy-80656] [TR/PSW.Bjlog.lby.10] [TrojanDropper*Win32/Zegost.B]
73712259eecbe59245b03f6d8dbdd402	[Heuristics.Broken.Executable] [Backdoor*Win32/Zegost.B]
3fabccdb91cf9038dcffff47bc364830	[W32.Sality.PE] [Win32.Sality.3] [Packed.Win32.Obfuscated.10!O] [W32.Sality.U] [Win32.Sality.BL] [W32.Sality.AE] [Sality.ZHB] [Win32/Sality.AA] [PE_SALITY.RL] [Virus.Win32.Sality.beygb] [Win32.Sality.N] [Trojan.KillProc.26742] [Virus.Sality.Win32.20] [W32/Sality.AT] [Heuristic.LooksLike.Win32.Suspicious.C!80] [Virus:Win32/Sality.AT] [Win32/Kashu.E] [Virus.Win32.Sality.bakc] [W32/Sality.AA] [Win32/Sality.NBA] [Trojan-PWS.Win32.Bjlog] [Win32/Sality] [Virus.Win32.Sality.$Emu]
184f870d527eacc6e28f84efdb67df37	[Backdoor*Win32/Zegost.B]
d850d6a5a34cbb5c030775d30d21b0d1	[TrojanPSW.Bjlog.g5] [Trojan.Spy-80656] [Trojan.Packed.22267] [Win32/Redosdru.GL] [W32/Rincux.AA!tr] [Trojan-PWS.Win32.BjlogWin32.Malware] [Trojan-PSW.Win32.Bjlog.zeq] [TrojanDropperWin32/Zegost.B] [Backdoor.Trojan] [BKDR_ZEGOST.SMZZ]
abec713acddf4ae5b9ddb593188d0b43	[Backdoor*Win32/Zegost.B]
1b1dfac9b0f1356cb8167012164ffb75	[Backdoor*Win32/Zegost.B]
7d290b1298b32cb15e5e4d6298d3e224	[TrojanDropper*Win32/Zegost.B]
914ad1bd33207f40edb342d496abdc6f	[Backdoor*Win32/Zegost.B]
77207de1291743910297c7c005580123
5900589b310931348632c29d0e1bcec6	[Backdoor*Win32/Zegost.B]
99d8ef0fde1e23b1aa6000d36c3c7532
d96ac432402767edafb0d7bab79cc22d	[Backdoor*Win32/Zegost.B]
1c8d4cd98f3ffe1b942f0a04692ed215	[TR/PSW.Bjlog.lfzb] [Trojan.Spy-78740] [TrojanDropper*Win32/Zegost.B]

Whois

Property	Value
NameServer	NS3.QH-LB.COM
Created	2007-11-22 00:00:00
Changed	2015-04-17 00:00:00
Expires	2015-11-22 00:00:00
Registrar	GODADDY.COM, LLC