Domain > topdrivers.org

More information on this domain is in AlienVault OTX

Reports

http://www.malware-traffic-analysis.net/2016/01/26...

https://otx.alienvault.com/pulse/56a8fdce67db8c6aa...

Files that talk to topdrivers.org

MD5	A/V
900b693a093da57191e5e36e35244a82	[Trojan-Downloader:W97M/Dridex.R] [HEUR.VBA.Trojan.d]
7cce1482771f71e45773205375a45131	[BehavesLike.Win32.PWSZbot.fh]
61f847bcb69d0fe86ad7a4ba3f057be5	[W32/Kryptik.EKZF!tr]
dc44690f83f8236fb83850087d65ecce	[BehavesLike.Win32.Ransom.fh]
64f108a2b8fd67daa6099f0829761f0e	[BehavesLike.Win32.PWSZbot.gh]
7d778bdc9080698f15e04ec1e5484c86	[Trojan/PSW.OnLineGames.cbda]
1cb579be58467954f8b7d1611bb677e6	[JS.Downloader.BS] [JS/Downldr.CZ1!Eldorado] [JS/Downldr.CZ1!Eldorado] [HEUR.JS.Trojan.a]
ab76e674f506a16845c1f5026d23c43b
cf5a089bf47211b2299c93458f44a031	[JS.Downloader.BS] [JS/Downldr.CZ1!Eldorado] [JS/Downldr.CZ1!Eldorado] [HEUR.JS.Trojan.a]
341efc979b524ca59c257617574ae361
19c3d8ce4b652816ef249aca4ff140a3	[Mal/EncPk-ABL]
3bc10ebbedcf632c86737cb79725e10c	[Ransom.Crowti.G4]
665a7e105b6fd741bcb898b0b1d3f57f	[JS.Downloader.BS] [JS/Downldr.CZ1!Eldorado] [JS/Downldr.CZ1!Eldorado] [HEUR.JS.Trojan.a]
9d04e4c80c7baf73d4e44e11d71216d5	[Ransom.Crowti.G4]
2b7ec953a9c043738125f0379a25d730	[Artemis!2B7EC953A9C0] [Trojan.MalPack] [Trojan.Bitman!] [Suspicious.Cloud.9] [Ransom_CRYPTESLA.YUYAGU] [Trojan-Ransom.Win32.Bitman.fpd] [Trojan.DownLoader19.5690] [Ransom_CRYPTESLA.YUYAGU] [BehavesLike.Win32.PWSZbot.dh] [Mal/EncPk-ABL] [W32/Kryptik.EHEZ!tr] [Trojan.Razy.D110E] [VirTool:Win32/CeeInject.GF] [Trojan/Win32.Teslacrypt] [Adware.Win32.iBryte.EHEZ] [Trojan.Win32.Crypt] [Crypt5.ADJY] [Win32/Trojan.6e4]
6721a3616e4bd381e91f8fd4fc3f4651	[Troj.Downloader.Script!c] [Trojan.Script.Nemucod.dzmpqx] [JS.DownLoader.696] [Troj/JSDldr-DH] [TrojanDownloader:JS/Swabfex.G]
01665d8af790763b3668af90dc077ea1
795aa090240094ad58a6a567fb612db4	[W32.XbisranAF.Trojan] [Ransom.FileLocker] [Trojan.Bitman!] [Ransom_CRYPTESLA.YUYAGX] [Trojan-Ransom.Win32.Bitman.fay] [Trojan.Win32.Zegost.dzumpr] [TrojWare.Win32.Kryptik.~ELDZ] [Ransom_CRYPTESLA.YUYAGX] [BehavesLike.Win32.Trojan.fh] [W32/Dorkbot-LF] [Worm.Ngrbot.lf] [Trojan[Ransom]/Win32.Bitman] [Trojan.Win32.A.Bitman.398336[h]] [Trojan/Win32.Teslacrypt] [Ransom:Win32/Tescrypt!rfn] [Trj/CI.A] [Win32.Trojan.Bitman.Ahyo] [Trojan.Win32.Crypt] [W32/Kryptik.ELDZ!tr] [Ransomer.KUG] [Win32/Backdoor.142]
b3825494d54321c5bce0d4845fcfa86c	[Trojan/W32.Bitman.462848] [Ransom.Crowti.G4] [Ransom.FileCryptor] [Trojan.Win32.Encoder.dzxaey] [Trojan-Ransom.Win32.Bitman.fuh] [Trojan.Bitman!] [Troj.W32.Yakes] [Mal/Tinba-T] [Trojan.Encoder.3564] [Backdoor.PePatch.Win32.97322] [BehavesLike.Win32.Backdoor.gc] [W32/Trojan.ITPF-7926] [Trojan.Bitman.ed] [TR/Crypt.ZPACK.181556] [Trojan[Ransom]/Win32.Bitman] [Ransom:Win32/Tescrypt.D] [Trojan/Win32.Teslacrypt] [Ransomware-FCW!B3825494D543] [W32/Kryptik.ELNU!tr] [Crypt5.ADRF]
da5c7d3125a25327c2ac09ba48ef6e2c	[Backdoor.Bot] [Trojan.Barys.DC7FB] [Trojan.DR.Dapato!2KdAmZ4Fbr0] [Trojan.Cryptlock.N!g2] [Trojan.Win32.AVKill.dzsvrr] [Trojan.AVKill.59743] [BackDoor-FDBF!DA5C7D3125A2] [Mal/Wonton-CB] [Trojan.Bitman.ee] [TR/Crypt.ZPACK.178466] [Trojan[Dropper]/Win32.Dapato] [Ransom:Win32/Tescrypt.D] [Trojan.Win32.Ransom.290304.A[h]] [Trojan/Win32.Teslacrypt] [BackDoor-FDBF!DA5C7D3125A2] [W32/Kryptik.ELCY!tr] [Trj/GdSda.A]

DNS Resolutions

Date	IP Address
2015-01-01	184.168.221.49 (ClassC)
2016-01-20	185.24.99.98 (ClassC)
2018-01-03	50.63.202.72 (ClassC)
2018-01-03	50.63.202.92 (ClassC)
2018-10-10	185.119.173.14 (ClassC)
2020-05-08	185.119.173.81 (ClassC)
2024-09-30	104.21.14.220 (ClassC)
2024-12-07	172.67.160.157 (ClassC)
2025-02-17	104.21.112.1 (ClassC)
2025-03-17	104.21.48.1 (ClassC)
2025-03-20	104.21.16.1 (ClassC)
2025-03-28	104.21.64.1 (ClassC)
2025-04-27	104.21.32.1 (ClassC)
2025-05-12	104.21.96.1 (ClassC)

Port 443

HTTP/1.1 200 OKDate: Tue, 09 Jul 2019 07:56:55 GMTServer: ApacheX-Frame-Options: SAMEORIGINX-XSS-Protection: 1X-Content-Type-Options: nosniffPragma: no-cacheCache-Control: privateExpires: Mon, 26 Jul

!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd>html xmlnshttp://www.w3.org/1999/xhtml>head>	link relstylesheet typetext/css hrefhttps://topdrivers.org/Themes/default/css/index.css?fin20 />	script typetext/javascript srchttps://topdrivers.org/Themes/default/scripts/script.js?fin20>/script>	script typetext/javascript srchttps://topdrivers.org/Themes/default/scripts/theme.js?fin20>/script>	script typetext/javascript>!-- // -->!CDATA		var smf_theme_url  https://topdrivers.org/Themes/default;		var smf_default_theme_url  https://topdrivers.org/Themes/default;		var smf_images_url  https://topdrivers.org/Themes/default/images;		var smf_scripturl  https://topdrivers.org/index.php?PHPSESSID0a8f7564702d1ca820782ba5cf3609c7&;		var smf_iso_case_folding  false;		var smf_charset  UTF-8;		var ajax_notification_text  Зареждане...;		var ajax_notification_cancel_text  Отказ;	// >/script>	meta http-equivContent-Type contenttext/html; charsetUTF-8 />	meta namedescription contentФорумът на българските шофьори и транспортни работници />	meta namekeywords contentТоп драйвърс български шофьорски форум транспорт международен шофьор спедиция  логистика коли ремонти на пътя паркинги />	title>Форумът на българските шофьори и транспортни работници/title>	link relhelp hrefhttps://topdrivers.org/index.php?PHPSESSID0a8f7564702d1ca820782ba5cf3609c7&actionhelp />	link relsearch hrefhttps://topdrivers.org/index.php?PHPSESSID0a8f7564702d1ca820782ba5cf3609c7&actionsearch />	link relcontents hrefhttps://topdrivers.org/index.php?PHPSESSID0a8f7564702d1ca820782ba5cf3609c7& />	link relalternate typeapplication/rss+xml titleФорумът на българските шофьори и транспортни работници - RSS hrefhttps://topdrivers.org/ind

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > topdrivers.org

Is this malicious?

Reports

Files that talk to topdrivers.org

DNS Resolutions

Port 80

Port 443