Domain > 3q.wubangtu.info

This indicator is referenced in AlienVault OTX pulse ""

Is this malicious?

Most users have voted this as MALICIOUS

Reports

https://raw.githubusercontent.com/fireeye/pivy-rep...

https://www.fireeye.com/resources/pdfs/fireeye-poi...

Files that talk to 3q.wubangtu.info

MD5	A/V
e5fd1c5e25d20c99f46df746cfea1136	[Backdoor/W32.Small.45056.AB] [Artemis!E5FD1C5E25D2] [Backdoor] [Trojan] [Trojan/Kryptik.abzt] [Trojan.Win32.Inject.bugkbu] [Backdoor.Darkmoon] [Backdoor.Win32.Inject.lmp] [Troj/Skcirb-A] [Heur.Suspicious] [Trojan.DownLoader5.26505] [BDS/Poisonivy.E.594] [Backdoor/Inject.sq] [Win32.Hack.Inject.(kcloud)] [Backdoor:Win32/Poisonivy.E] [Backdoor.Win32.A.Inject.45056.D] [W32/Backdoor.VCIR-1765] [Backdoor/Win32.Inject] [Backdoor.Inject] [Backdoor.Darkmoon!rem] [Backdoor.Win32.Inject] [W32/BackDoor.DHI!tr]
a5965b750997dbecec61358d41ac93c7	[W32.Clod65b.Trojan.32ce] [Backdoor.Inject.vxy] [Trojan.Win32.Poison.ooszz] [Backdoor.Darkmoon] [TROJ_SPNR.30ED12] [Troj/Skcirb-A] [Heur.Suspicious] [BDS/Poison.E.350] [Backdoor/Inject.acc] [Backdoor:Win32/Poison.E] [Backdoor.Win32.Inject] [W32/BackDoor.D2T!tr] [BackDoor!d2t]

Whois

Property	Value
Name	Domain Admin
Organization	Privacy Protection Service INC d/b/a PrivacyProtect.org
Email	contact@privacyprotect.org
Zip Code	QLD 4218
City	Nobby Beach
State	Queensland
Country	AU
Phone	+45.36946676
NameServer	dns16.parkpage.foundationapi.com
Created	2010-11-27 05:25:12
Changed	2014-11-27 23:22:13
Expires	2015-11-27 05:25:12
Registrar	PDR Ltd. d/b/a Publi