Domain > srvdexpress3.com

This indicator is referenced in AlienVault OTX pulse ""

Is this malicious?

Most users have voted this as MALICIOUS

Reports

https://blogs.mcafee.com/mcafee-labs/rovnix-downlo...

https://blogs.mcafee.com/mcafee-labs/rovnix-downlo...

https://otx.alienvault.com/pulse/5668e4be67db8c0fd...

https://otx.alienvault.com/pulse/5672c70867db8c3f8...

https://otx.alienvault.com/pulse/5672c77167db8c3f8...

https://otx.alienvault.com/pulse/5672cc844637f2563...

Files that talk to srvdexpress3.com

MD5	A/V
c2fddceaa51efc19353d78167e3c6d62	[Win32/Rovnix.Z] [Trojan.Win32.Yakes.mcic] [TR/Crypt.ZPACK.79642] [W32/Rovnix.Z!tr]
e3e2ecacbc50f9c01ad44bd970daacaa	[TrojanDropper*Win32/Rovnix.P] [Trojan.FakeFlash] [TR/Crypt.ZPACK.178271] [Trojan.Win32.Rovnix] [Win32/Rovnix.Z] [W32/Trojan.LKJE-5177] [Atros2.QAF] [0x5905fe30]
99fa6dcde1b77ebc504492460afd8396	[TR/AD.RovnixDropper.Y.169] [Win32/Kryptik.DWSK] [Crypt4.CHOK] [W32/Rovnix.DWLQ!tr] [TrojanDropper*Win32/Rovnix.P] [Trojan.Crypt] [W32/Trojan.SFEJ-2353] [Trojan.Win32.Crypt] [Trojan.Win32.Rovnix.eg]
d15929e97ad43e164e19f66a6d950f2f	[TR/Crypt.ZPACK.180922] [Win32/Kryptik.DWDX] [Crypt4.CGHJ] [TrojanDropper*Win32/Rovnix.P] [W32/Trojan.GHON-3705] [Trojan.Win32.Crypt]
923ca3a64e731ee6f3233582ca5051a8	[TrojanDropper*Win32/Rovnix.P] [W32/Kryptik.DWDX!tr] [Crypt4.CGFN] [Win32/Kryptik.DWDX] [TR/Crypt.ZPACK.179734]
cdfa1717af42e488615dbc1d18451d58	[Crypt4.CGFP] [Trojan.Crypt4] [TR/Crypt.ZPACK.132320] [Trojan.FakeFlash] [Trojan.DownLoader17.2758] [TrojanDropper*Win32/Rovnix.P] [Win32/Kryptik.DVWL] [W32/Kryptik.DWDX!tr] [W32/Trojan.NZBK-0417]
49d4cec5e55d6c5768365faa019c031b	[TR/Crypt.ZPACK.180929] [Win32/Rovnix.Z] [Atros2.UEP] [W32/Rovnix.Z!tr] [TrojanDropper*Win32/Rovnix.P] [Trojan.Rovnix] [W32/Trojan.GFPL-0698] [Trojan.Win32.Rovnix] [Trojan.Win32.Yakes.mdgc]
d0ee1f59659913fd9b350571257f4753	[Trojan.Win32.Yakes.mcdo] [Trojan.Win32.Crypt] [W32/Trojan.GJGI-0899] [Trojan.Rovnix] [TrojanDropper*Win32/Rovnix.P] [W32/Kryptik.DVUV!tr] [Crypt4.CEXW] [Win32/Kryptik.DVUV] [TR/Crypt.ZPACK.131687]
8b8f8f463df1e422c44c9b0180124924	[Trojan.Yakes.Win32.38708] [Trojan.Win32.Rovnix] [W32/Trojan.FEVJ-2651] [Trojan.Rovnix] [TrojanDropper*Win32/Rovnix.P] [W32/Yakes.MALF!tr] [Atros2.ODM] [Win32/Rovnix.Z] [TR/Crypt.ZPACK.74954]
e5cd0889f402e5d1716c2a121d753769	[Packed-FH!E5CD0889F402] [TR/Crypt.ZPACK.180953] [Win32/Kryptik.DWDX] [Crypt4.CFVV] [W32/Kryptik.DVYJ!tr] [TrojanDropper*Win32/Rovnix.P] [W32/Trojan.CQTF-4649] [Trojan.Win32.Crypt]
bf33eb2ab1d5e3cc5fdc68af24f2adf0	[Trojan.Win32.Crypt] [W32/Trojan.XLJW-2442] [Trojan.Rovnix] [TrojanDropper*Win32/Rovnix.P] [Pakes2_c.BHIZ] [Win32/Kryptik.DVNB] [TR/Crypt.ZPACK.184244]
9307a9d90bcaaa24a236727c6fcb012d	[Packed-FH!9307A9D90BCA] [TR/Crypt.ZPACK.73211] [Win32/Kryptik.DVNB] [Crypt4.CEPN] [Trojan*Win32/Dynamer!ac] [Trojan.Rovnix] [W32/Trojan.TJME-0774] [Trojan.Win32.Crypt] [Trojan.DownLoader16.16003]
0a667ef837ca721c4afe475a56f43f89	[TR/Crypt.ZPACK.75728] [Win32/Rovnix.Z] [Atros2.OYZ] [W32/Yakes.MBPC!tr] [TrojanDropper*Win32/Rovnix.P] [Trojan.FakeFlash] [W32/Trojan.MAWE-4309] [Trojan.Win32.Rovnix] [Trojan.Yakes.Win32.38689] [Trojan.Win32.Yakes.mbpc]
8bd5fa8ce5afa6466bac42add9d5edeb	[Packed-FH!8BD5FA8CE5AF] [TR/Crypt.ZPACK.77794] [Win32/Kryptik.DVNB] [Crypt4.CFAX] [TrojanDropper*Win32/Rovnix.P] [Trojan.Rovnix] [W32/Trojan.FKHV-8150] [Trojan.Win32.Crypt]
fdb086649ec29570403341c663533e4d	[Trojan.DownLoader16.8626] [Trojan.Win32.Rovnix] [W32/Kryptik.DFAR!tr] [Atros2.NIR] [Win32/Rovnix.Z] [TR/Crypt.ZPACK.64089]
84314f5cd284d24ce62f278310016dc7	[W32/Kryptik.DXDR!tr] [TR/Crypt.ZPACK.184112] [Trojan.Win32.Crypt] [Crypt4.CIBB] [TrojanDropper*Win32/Rovnix.P] [Trojan.Crypt] [Trojan.Rovnix.Win32.533] [W32/Trojan.XWDF-7383] [TrojanDropper.Rovnix.r8] [Win32/Kryptik.DWSK]
0fa1424d743ada9bda34907396bcb349	[Trojan.Win32.Pincav.bqjdn] [Crypt5.MKQ] [Trojan.Win32.Pincav.bqjdn] [Trojan.Win32.Crypt] [Trojan.Rovnix] [TrojanWin32/Bulta!rfn] [TrojanWin32/Bulta!rfn] [W32/Kryptik.DKDS!tr] [W32/Kryptik.DKDS!tr] [Crypt5.MKQ] [Trojan.Win32.Crypt] [Trojan.PWS.Panda.9756] [Trojan.Rovnix] [Trojan.PWS.Panda.9756] [TR/Crypt.ZPACK.210618] [TR/Crypt.ZPACK.210618] [Win32/Kryptik.DZDN] [Win32/Kryptik.DZDN] [W32/Trojan.OKOG-0577] [W32/Trojan.OKOG-0577]
965e09f29c32ac699bbb28bd6085708d	[TrojanWin32/Bulta!rfn] [W32/Kryptik.DKDS!tr] [Cryptic.EYC] [Trojan.Win32.Pincav.bqite] [TrojanWin32/Bulta!rfn] [Win32/Rovnix.Z] [Win32/Rovnix.Z] [Cryptic.EYC] [W32/Kryptik.DKDS!tr] [Trojan.Win32.Pincav.bqite] [W32/Trojan.AWWO-6181] [W32/Trojan.AWWO-6181] [Trojan.Bulta.r3] [Trojan.Bulta.r3] [TR/Drop.Rovnix.610304] [TR/Drop.Rovnix.610304] [Trojan.DownLoader16.56416] [Trojan.DownLoader16.56416]

Whois

Property	Value
Email	gavinsunders32@outlook.com
NameServer	DOMAINS4BITCOINS.MARS.ORDERBOX-DNS.COM
Created	2015-08-01 00:00:00
Changed	2015-08-01 00:00:00
Expires	2016-08-01 00:00:00
Registrar	PDR LTD. D/B/A PUBLI