Domain > shmetterheath.ru

This indicator is referenced in AlienVault OTX pulse ""

Is this malicious?

Most users have voted this as MALICIOUS

Reports

http://dshield.org/forums/diary/Actor that tried N...    
http://www.isightpartners.com/2015/09/teslacrypt-2...    
https://otx.alienvault.com/pulse/55ddb6984637f21c5...    
https://otx.alienvault.com/pulse/55f9d9b74637f26df...    

Files that talk to shmetterheath.ru
