Domain > zsn5qtrgfpu4tmpg.onion.lt

More information on this domain is in AlienVault OTX

Is this malicious?

Reports

http://ransomwaretracker.abuse.ch/feeds/csv/

https://otx.alienvault.com/pulse/56e85de34637f24cb...

Files that talk to zsn5qtrgfpu4tmpg.onion.lt

MD5	A/V
2d256fef9468d2942fdf03d4d3e9a40b
1f6493b1d55c7e25a5f4b475f93aae24	[HW32.Packed.D064] [Trojan.Vimditator.Win32.70] [Trojan.Win32.Encoder.dnmzyt] [Trojan.Cryptolocker!g6] [TROJ_CRYPCBT.SMA] [Trojan-Ransom.Win32.Onion.dh] [Virus.Win32.Heur.c] [Trojan.Encoder.858] [BehavesLike.Win32.Dreform.jc] [Mal/Harnig-B] [Trojan/Vimditator.av] [Trojan/Win32.Vimditator] [Ransom:Win32/Critroni.B] [Ransom-FTX!1F6493B1D55C] [SScope.TrojanRansom.Crytroni] [PE:Malware.XPACK-HIE/Heur!1.9C48] [FileCryptor.VK] [Win32.Trojan.Onion.Eaxo] [Trojan.Win32.Filecoder.DA] [Trojan.FileCryptor] [W32/Filecoder.B!tr] [Win32/Trojan.49b]
b00664dbe47952eaec3e11fd60809656	[Ransom-CWall.c!B00664DBE479] [Trojan.Win32.Injector.dyojju] [PUA.Downloader] [BKDR_ANDROM.YVAND] [Backdoor.Win32.Androm.ipui] [Backdoor.Androm!EJ/7EHYyxIQ] [Mal/Zbot-UH] [UnclassifiedMalware] [BKDR_ANDROM.YVAND] [Ransom-CWall.c!B00664DBE479] [W32/Application.MPUH-3651] [TrojanSpy.Zbot.ieii] [TR/Crypt.Xpack.313663] [Trojan[Backdoor]/Win32.Androm] [Ransom:Win32/Critroni] [Backdoor.Win32.Androm.ipui] [Win32.Trojan.Crypt.Pala] [Trojan.Win32.Crypt] [W32/PWSZbot.FAKV!tr] [Zbot.AJJI] [Trj/CI.A] [Win32/Backdoor.cf4]
e4585d6526838978df26a6b31c0ddd0f	[HW32.Packed.4BFD] [W32/Heuristic-300!Eldorado] [Suspect.DoubleExtension-zippwd-15] [Heur.Dual.Extensions] [HEUR_NAMETRICK.A] [BehavesLike.Downloader.bc] [W32/Heuristic-300!Eldorado] [Archive.Malware.FakeExt.N@susp] [FakeAlert]
22125b14e6d97d02c3649208f46bd026	[HW32.Packed.D4CA] [W32/Heuristic-300!Eldorado] [Suspect.DoubleExtension-zippwd-15] [Heur.Dual.Extensions] [HEUR_NAMETRICK.A] [BehavesLike.PWSZbot.jc] [W32/Heuristic-300!Eldorado] [Archive.Malware.FakeExt.N@susp] [FakeAlert]
0eff91aaafdbeba37fc9f6fc7ac17c81	[HW32.Packed.F300] [W32/Heuristic-300!Eldorado] [Suspect.DoubleExtension-zippwd-15] [Heur.Dual.Extensions] [HEUR_NAMETRICK.A] [W32/Heuristic-300!Eldorado] [Archive.Malware.FakeExt.N@susp] [FakeAlert]
36a209a7d15d5d719d6072f45e4e3b46	[HW32.Packed.C79C] [Suspicious.Cloud.9] [Win32/Filecoder.DA] [Ransom_CRYPCTB.YSR] [UnclassifiedMalware] [Ransom_CRYPCTB.YSR] [BehavesLike.Win32.Downloader.jc] [W32/Trojan.QSOS-0345] [TR/Dropper.VB.45538] [Ransom:Win32/Critroni] [Trojan.Graftor.D40B6B] [Artemis!36A209A7D15D] [Trojan.Inject] [Pakes2_c.BVZV]
a292aa67db18205843139a652fd4d331	[W32/Heuristic-300!Eldorado] [Suspect.DoubleExtension-zippwd-15] [Heur.Dual.Extensions] [HEUR_NAMETRICK.A] [BehavesLike.Backdoor.bc] [W32/Heuristic-300!Eldorado] [Archive.Malware.FakeExt.N@susp] [FakeAlert]
0c6e703e158001e98cc9b1e2443342b1
86611400a57536de22c6680d20fede3f	[W32/Heuristic-300!Eldorado] [Suspect.DoubleExtension-zippwd-15] [Win32.Trojan.Inject.Auto] [Heur.Dual.Extensions] [HEUR_NAMETRICK.A] [Troj/Ransom-BXO] [W32/Heuristic-300!Eldorado] [Archive.Malware.FakeExt.N@susp] [Win32.Outbreak] [FakeAlert]
20ea082fddf660e364e64a54f6c8e3b1	[W32/Heuristic-300!Eldorado] [Suspect.DoubleExtension-zippwd-15] [Heur.Dual.Extensions] [HEUR_NAMETRICK.A] [W32/Heuristic-300!Eldorado] [Win32.Trojan.Inject.Auto] [FakeAlert]
8b19b6588b96f8ff0a64dc9beb531fd7	[BehavesLike.Win32.PWSZbot.cc]
3169d6568eb3188b992422a5e2e1c431	[W32/Heuristic-300!Eldorado] [Zip.Suspect.DoubleExtension-zippwd] [Heur.Dual.Extensions] [HEUR_NAMETRICK.A] [W32/Heuristic-300!Eldorado] [Win32.Trojan.Inject.Auto] [FakeAlert]
b0559c678dded7068d65819eadebad70	[W32/Heuristic-300!Eldorado] [Zip.Suspect.DoubleExtension-zippwd] [Heur.Dual.Extensions] [HEUR_NAMETRICK.A] [BehavesLike.Trojan.bc] [W32/Heuristic-300!Eldorado] [Backdoor.Androm.dyt] [Troj.W32.Inject] [Win32.Trojan.Inject.Auto] [FakeAlert]
cc953157768731da1285600fc6dcaa2e
ecc73603cd9f0a22a7a040c68d6fd29f	[HW32.Packed.B0C8] [Trojan.Xcsidl] [W32/Heuristic-300!Eldorado] [Win32/Filecoder.CTBLocker.A] [Zip.Suspect.DoubleExtension-zippwd] [Backdoor.Win32.Androm.jecv] [Win32.Trojan.Inject.Auto] [Heur.Dual.Extensions] [Trojan.Inject2.15005] [TROJ_GE.5F38B7E7] [BehavesLike.Downloader.bc] [Troj/Ransom-CHY] [W32/Trojan.TJCJ-8842] [Ransom:Win32/Critroni] [Trj/CI.A] [Backdoor.Win32.Androm] [Malicious_Behavior.VEX.89] [FakeAlert]
ac6f86536605809956b41644ebcc1cdc	[Artemis!A488AB820757] [Troj.W32.Inject] [W32/Heuristic-300!Eldorado] [Zip.Suspect.DoubleExtension-zippwd] [Heur.Dual.Extensions] [HEUR_NAMETRICK.A] [Artemis] [W32/Trojan.BQQQ-3631] [FakeAlert]
44507262c1d17a91bb87e539726d92ed	[W32/Heuristic-300!Eldorado] [Zip.Suspect.DoubleExtension-zippwd] [Heur.Dual.Extensions] [HEUR_NAMETRICK.A] [Artemis] [W32/Heuristic-300!Eldorado] [Trojan:Win32/Bagsu!rfn] [Archive.Malware.FakeExt.N@susp] [FakeAlert]
98abf524b80fabe9bc8df46fbaa46a46	[W32/Heuristic-300!Eldorado] [Zip.Suspect.DoubleExtension-zippwd] [Heur.Dual.Extensions] [HEUR_NAMETRICK.A] [W32/Heuristic-300!Eldorado] [Archive.Malware.FakeExt.N@susp] [FakeAlert]
6afbf1a9f31dea1064ede941927e1bab	[W32/Heuristic-300!Eldorado] [Zip.Suspect.DoubleExtension-zippwd] [Heur.Dual.Extensions] [HEUR_NAMETRICK.A] [W32/Heuristic-300!Eldorado] [Archive.Malware.FakeExt.N@susp] [FakeAlert]

Whois

Property	Value
Organization	Societe Anonyme Botage
Email	domains@sabotage.org
NameServer	dns.zedz.net
Created	2013-11-22 00:00:00
Registrar	Gandi Sas

DNS Resolutions

Date	IP Address
2015-03-11	82.94.251.220 (ClassC)
2015-04-24	82.94.251.220 (ClassC)
2019-06-07	185.53.179.7 (ClassC)
2019-09-07	185.53.179.8 (ClassC)
2020-03-24	185.53.179.10 (ClassC)
2020-05-04	185.53.178.50 (ClassC)
2024-09-03	104.247.81.50 (ClassC)
2025-07-25	104.247.82.50 (ClassC)

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]