Domain > apotheke-stiepel.com

More information on this domain is in AlienVault OTX

Is this malicious?

Reports

https://blogs.sophos.com/2016/01/06/the-current-st...

Files that talk to apotheke-stiepel.com

MD5	A/V
0aa2129d4c34230c758edb2371c55435	[JS:Trojan.Script.CQX] [JS:Trojan.Script.CQX] [JS:Trojan.Script.CQX] [BehavesLike.JS.ExploitBlacole.xv] [JS:Trojan.Script.CQX]
446071be407efeb4e0d7c83bb504774a
92c4dd41e6fcfaead5290a4fcd3f144b
a446eaca4d14b5eacf45c0604d43f278
4b0337453d575e49b704f4e311c37284
616270f7e2c1c1ef134c46a79d09798f
24a87c47bb9f0655708613fc50f83732
e27417c723a341a4c6dd88e350cca761	[Trojan.Win32.Swizzor.1!O] [BehavesLike.Win32.PackedAP.fh] [Win32.Trojan.Bp-ransomware.Ejqz]
e79b66756a9b6156392192560f81e2ff	[Trojan.MalPack] [Trojan.Encoder.3104] [BehavesLike.Win32.Sality.dh]
7167dcfe97e5e43aa0bc6d1d12e89d85
57408cecd35d55e73629e1dfda8894bf	[HW32.Packed.1C7E] [Ransom.Teslacrypt.D4] [Ransom.FileCryptor] [Trojan.Win32.AVKill.dzajbw] [Ransom_CRYPTESLA.SM] [Trojan.Win32.Yakes.nprb] [Trojan.Yakes!tr20ym672BQ] [Trojan.Win32.TeslaCrypt.393216.A[h]] [Trojan.AVKill.59520] [Trojan.Kryptik.Win32.823582] [BehavesLike.Win32.Madangel.fh] [W32/Trojan.DSVW-7517] [TR/Crypt.ZPACK.220626] [Ransom:Win32/Tescrypt!rfn] [SScope.Malware-Cryptor.Drixed] [Trj/CI.A] [Win32.Trojan.Inject.Auto] [Trojan.Win32.Crypt] [W32/Kryptik.DL!tr] [Zbot.AKMO] [Trojan.Win32.Yakes.nprb]
3e2b9586cc72b7a93bccf650dfe3b0d1	[Ransom.Crowti.OL9] [Ransom.FileCryptor] [Win32.Trojan.Filecoder.k] [W32/Ransom.RWIX-4907] [Trojan.Cryptolocker.N] [Win32/Filecoder.TeslaCrypt.A] [Ransom_CRYPTESLA.SM] [Trojan.Win32.Yakes.npwn] [Trojan.Win32.AVKill.dzaesw] [Troj.W32.Yakes!c] [Win32.Trojan.Yakes.Lkxv] [Mal/Ransom-DL] [Trojan.AVKill.59516] [Trojan.Filecoder.Win32.1471] [Trojan.Yakes.dor] [TR/Crypt.ZPACK.220917] [Trojan/Win32.Yakes] [Ransom:Win32/Tescrypt!rfn] [SScope.Malware-Cryptor.Drixed] [Trj/GdSda.A] [Trojan.Yakes!pHsaqQ0/csI] [Trojan.Win32.Filecoder] [W32/Kryptik.EQAX!tr] [FileCryptor.FJN] [Trojan.Win32.Yakes.npwn]
c4d7e8fbf0762d27b7952cd143a24ecd	[W32.Clod609.Trojan.7556] [Trojan/Win32.Teslacrypt.N1819769573] [Ransom.Crowti.OL9] [Ransom.FileCryptor] [Troj.W32.Yakes!c] [Win32.Trojan.Filecoder.k] [Trojan.Cryptlock.N!g1] [Win32/Filecoder.TeslaCrypt.A] [Ransom_CRYPTESLA.SM] [Trojan.Win32.Yakes.npwn] [Trojan.Win32.AVKill.dzaesw] [Trojan.AVKill.59516] [Trojan.Filecoder.Win32.1471] [Mal/Ransom-DL] [W32/Trojan.VJMI-6081] [Trojan.Yakes.dor] [TR/Crypt.ZPACK.220917] [Trojan/Win32.Yakes] [Ransom:Win32/Tescrypt!rfn] [SScope.Malware-Cryptor.Drixed] [Trj/GdSda.A] [Win32.Trojan.Bp-ransomware.Ejqz] [Trojan.Yakes!pHsaqQ0/csI] [Trojan.Win32.Filecoder] [W32/Kryptik.EQAX!tr] [FileCryptor.FJN] [Trojan.Win32.Yakes.npwn]

Whois

Property	Value
Email	apotheke@ruhrland.de
NameServer	SHADES16.RZONE.DE
Created	2009-03-20 00:00:00
Changed	2015-03-21 00:00:00
Expires	2016-03-20 00:00:00
Registrar	CRONON AG