Domain > vr6g2curb2kcidou.expay34.com

More information on this domain is in AlienVault OTX

Reports

https://otx.alienvault.com/pulse/5668ab624637f27ed...    
https://otx.alienvault.com/pulse/5668ae0067db8c0fd...    
https://otx.alienvault.com/pulse/566a129f67db8c0fd...    
https://otx.alienvault.com/pulse/566a12f14637f27ed...    
https://otx.alienvault.com/pulse/566b30ea67db8c0fd...    
https://techhelplist.com/spam-list/1000-reference-...    
https://techhelplist.com/spam-list/1002-payment-re...    
https://techhelplist.com/spam-list/1003-invoice-ou...    
https://techhelplist.com/spam-list/997-your-order-...    
https://techhelplist.com/spam-list/999-invoice-fro...    

Files that talk to vr6g2curb2kcidou.expay34.com

MD5 A/V
b653770e9cfe6720d05e93fa34560f50
1d294f7ec5ec42d648a4fcc11b57372d[JS.Downloader] [JS_SWABFEX.A] [Trojan-Downloader.JS.Cryptoload.ar] [JS/DwnLdr-MZB] [JS_SWABFEX.A] [BehavesLike.JS.Exploit.lv] [Trojan.DSRA-0] [TrojanDownloader:JS/Swabfex.A] [Script.Trojan-Downloader.Swabfex.C] [JS/Downloader] [Trojan-Downloader.JS.Swabfex]
ea2f68265c0973092e33309d46f0b731[HW32.Packed.AF4C]
ccbf8741aca5abc84045a717b5e95306
6d82ee0b60131d52725e83c6da3fb502[HW32.Packed.15A6] [Win32/Heim]
ca2c089556a70d1451ed344bec6f17a3[HW32.Packed.4B0D]
f01352545d711a09b6556e33be6f8c8c[JS/TrojanDownloader.Nemucod.CJ] [BehavesLike.JS.ExploitBlacole.lv] [Troj/JSDown-BG] [JS/Nemucod.DTTU!tr]
cee2fabe6dcb1d19c39f2a6aea7d8701
f8c510f569bb2daf365c01e002e9bf48
e8653773c35b6f8ecbfac8d448de82ed[BehavesLike.JS.ExploitBlacole.zv]
1356f2f8ef331e4a986d3c1d734df979
773a6c75bbd713eb45ab215f002cd3bf
74a81fb12d24cea1bd66eb60dfe11af5

Whois

Property Value
Email matsura@expay34.com
NameServer NS2.SUSPENDED-DOMAIN.COM
Created 2015-12-08 00:00:00
Changed 2015-12-13 00:00:00
Expires 2016-12-08 00:00:00
Registrar WEB COMMERCE COMMUNI