Domain > zsn5qtrgfpu4tmpg.onion.gq

More information on this domain is in AlienVault OTX

Reports

http://ransomwaretracker.abuse.ch/feeds/csv/    
https://otx.alienvault.com/pulse/56e85de34637f24cb...    

Files that talk to zsn5qtrgfpu4tmpg.onion.gq


Whois

Property | Value
Email | df7a076e56588c9a.shielded@idshield.tk

DNS Resolutions

Date | IP Address
2015-01-31 | 76.74.170.223 (ClassC)
2015-04-06 | 62.210.92.11 (ClassC)
2015-04-28 | 62.210.92.11 (ClassC)
2025-07-29 | 192.42.118.104 (ClassC)

Port 80

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others.



© Copyright 2019 AlienVault, Inc.