Domain > testetst.ru

More information on this domain is in AlienVault OTX

Is this malicious?

Reports

http://malwarefor.me/2015-11-27-angler-ek-sending-...

https://otx.alienvault.com/pulse/5658e8ba4637f2388...

https://blogs.sophos.com/2016/01/06/the-current-st...

Files that talk to testetst.ru

MD5	A/V
6be221f3b83caf84d4ff426f736a527f
70386f16d2fff1e26f2a68f99b2bf700	[Win32.Ramnit.Y] [Win32.Ramnit.Y] [Virus.Win32.Ramnit.2!O] [W32.Nimnul.F] [Virus.Nimnul.Win32.2] [Win32.Ramnit.Y] [Virus.Win32.Nimnul.bauhiz] [PE_RAMNIT.GUD] [Win32:Ramnit-AR] [Win32.Ramnit.Y] [Virus.Win32.Nimnul.e] [Win32.Ramnit.Y] [Win32.Ramnit.Y] [Win32.Rmnet.21] [PE_RAMNIT.GUD] [W32/Ramnit-BD] [Win32/Nimnul.d] [W32/Nimnul.D] [Virus/Win32.Nimnul.e] [Win32.Ramnit.Y] [Virus:Win32/Ramnit.AH] [Win32.Ramnit.Y] [Virus.Nimnul.ea] [PE:Trojan.Ramnit!1.9A73[F1]] [Virus.Win32.Ramnit] [W32/Ramnit.AM] [Win32/Heur]
d10660cc99ed423ab11b1d8ff54df187	[Trojan.Win32.Nimnul.vot]
eb4b364dfd661dbf51fa9fb1c8eeb459	[W32/Ramnit] [Trojan.Win32.Nimnul.dxohrb] [W32/Trojan.AOVR-7180] [TROJ_DYER.BME] [Trojan.Win32.Nimnul.vpd] [Trojan.Kryptik!iJX6L7PIfhc] [Trojan.Win32.Z.Nimnul.306176[h]] [Win32.Trojan.Nimnul.Akyt] [Trojan.Rmnet.60] [TROJ_DYER.BME] [BehavesLike.Win32.Multiplug.dc] [Trojan/Nimnul.ea] [TrojanDropper:Win32/Evotob.C] [Virus/Win32.Ramnit] [Trojan.Win32.Nimnul.vpd] [Trojan.Win32.Crypt] [W32/Nimnul.VPD!tr] [Luhe.Fiha.A] [Trj/CI.A]
894b6a216610d02f783e37c37eeeec4d
e5a2f8026577bbfde96e2af87fbbee9e	[Trojan.Dyname.r8] [Trojan.Injector.VB] [Trojan.Kryptik!07OgwSUYk0s] [Infostealer.Dyre] [Trojan.Win32.Dyre.dywqoe] [Trojan.Dyre.43] [BehavesLike.Win32.PWSZbot.fc] [W32/Trojan.AFAW-0038] [TR/Samca.A.726] [W32/Kryptik.EDYR!tr] [Trojan:Win32/Dynamer!ac] [Adware.Win32.iBryte.EDYR] [Win32.Trojan.Samca.Akyk] [Virus.Win32.Ramnit] [Crypt5.KTT] [Trj/CI.A]
24dc349285fe3222630d9019e908f0d1	[HW32.Packed.83CC] [Trojan-Banker.Win32.Qadars.go]
643fb3b0d8ba9f12b3859e68b9616136	[Win32/Ramnit.BV] [Trojan-Ransom.Win32.Foreign.mvhf] [Trojan.Win32.Foreign.dxzhno] [Trojan.Dyre.43] [BehavesLike.Win32.Dropper.dc] [TR/AD.Ramnit.Y.34] [PossibleThreat.SB!tr] [Trojan[Ransom]/Win32.Foreign] [Trojan/Win32.Infostealer] [Trojan:Win32/Ramnit!rfn] [Artemis!643FB3B0D8BA] [Win32.Virus.Ramnit.Wmjf] [Virus.Win32.Ramnit] [Virus.Win32.Ramnit.BV]
954c7f2f747d2d4ab872f339a7df2af8
9a20bfd6b2e365bcfe93e349de47aedd	[HW32.Packed.12A0] [Virus.Win32.Ramnit.2!O] [W32.Nimnul.F] [Trojan.Injector] [W32/Trojan.ZKKC-8035] [PE_RAMNIT.GUD] [Win32:Ramnit-AR] [Virus.Win32.Nimnul.e] [Virus.Win32.Nimnul.bauhiz] [Win32.HLLM.Reset.478] [Virus.Nimnul.Win32.2] [PE_RAMNIT.GUD] [BehavesLike.PWSZbot.hc] [W32/Ramnit-BD] [Win32/Nimnul.d] [W32/Nimnul.D] [Trojan/Win32.Yakes] [Virus:Win32/Ramnit.AH] [W32/Ramnit.o] [Virus.Nimnul.ea] [Virus.Win32.Ramnit] [W32/Kryptik.ECPT!tr] [Win32/Ramnit] [Adware.Win32.iBryte.ECPT]
d87d2391f3959528264fa5a0413b2567	[W32.PhosderbanLTC.Trojan] [Ransom.Teslacrypt.D4] [Trojan.MalPack] [W32/Trojan.XEAY-2496] [TROJ_DYER.BMC] [Trojan.Win32.Nimnul.vuz] [Trojan.Win32.Reset.dyzrei] [Win32.Virus.Ramnit.Wsaf] [Win32.HLLM.Reset.478] [TROJ_DYER.BMC] [BehavesLike.Win32.Backdoor.cc] [TR/Crypt.ZPACK.219009] [TrojanDropper:Win32/Evotob.B] [SScope.Malware-Cryptor.Drixed] [Win32/Ramnit.BV] [Virus.Win32.Ramnit] [W32/Kryptik.EFAD!tr]
1909014cfe80eb2607203ec14e7f72e5
25869256f7d64b71307d6c1f1e7e8215
6eaf56765c9e30c57684b1f68a5d63a4
ec487a9abd8254bb14fe81ef149870be	[Trojan.Zbot] [Trojan.Win32.Nimnul.dxwweh] [Win32/Ramnit.BV] [TROJ_DYER.BMC] [Trojan.Win32.Nimnul.vpc] [Win32.Virus.Ramnit.Alim] [UnclassifiedMalware] [Win32.HLLM.Reset.478] [TROJ_DYER.BMC] [Trojan/Nimnul.eb] [Trojan:Win32/Dynamer!ac] [Trojan.Graftor.D3EF26] [Virus/Win32.Ramnit] [Trojan.Nimnul] [Trojan.Win32.Nimnul.vpc] [Virus.Win32.Ramnit] [W32/Nimnul.VPC!tr] [Crypt5.ACE]
05baba1d5ff0d49e423158d98e955f16	[Ransom.Teslacrypt.D4] [RDN/Ransom] [Trojan.Win32.Reset.dyzqyt] [TROJ_DYER.BMC] [Win32.Virus.Ramnit.Gby] [UnclassifiedMalware] [Win32.HLLM.Reset.478] [Adware.BrowseFox.Win32.235329] [TROJ_DYER.BMC] [BehavesLike.Win32.Skintrim.cc] [W32/Trojan.NHYN-4304] [Trojan.Blocker.ahq] [TR/Crypt.ZPACK.218717] [Trojan[Ransom]/Win32.Blocker] [TrojanDropper:Win32/Evotob.B] [Trojan/Win32.Evotob] [SScope.Malware-Cryptor.Drixed] [Trj/CI.A] [Win32/Ramnit.BV] [Trojan.Win32.Ramnit] [W32/Kryptik.EFAD!tr] [Crypt5.QPH] [Trojan.Win32.Ransomlock.hyqd]
c87d935a54d6940f754f84057038b29d