Help RSS API Feed Maltego Contact                        

Domain > extcitrix.we11point.com

This indicator is referenced in AlienVault OTX pulse ""

Is this malicious?

Most users have voted this as MALICIOUS

Reports

http://www.secureworks.com/cyber-threat-intelligen...    
http://www.symantec.com/connect/blogs/black-vine-f...    
http://www.symantec.com/content/en/us/enterprise/m...    
http://www.threatconnect.com/news/the-anthem-hack-...    
https://otx.alienvault.com/pulse/54f09d6613432a4b0...    
https://otx.alienvault.com/pulse/55b7888c4637f26f0...    
https://otx.alienvault.com/pulse/55bb9a424637f2386...    
https://otx.alienvault.com/pulse/56af8cc34637f2355...    

Files that talk to extcitrix.we11point.com

MD5A/V
98721c78dfbf8a45d152a888c804427c[W32.HfsAdware.6B12] [Trojan.Sakelua.r5] [Trojan.Win32.Sakelua.drlhwi] [Backdoor.Mivast] [Win32/Shyape.J] [TROJ_SAKUREL.D] [Trojan.Win32.Sakelua.a] [Trojan.Sakelua!] [UnclassifiedMalware] [Trojan.Sakelua.Win32.2] [TROJ_SAKUREL.D] [BackDoor-FCLT] [W32/Backdoor.VPYY-1933] [Trojan/Sakelua.a] [TrojanDropper:Win32/Derusbi!dha] [Trojan.Zusy.D20701] [BackDoor-FCLT] [Trojan.Sakelua] [Trj/CI.A] [Win32.Trojan.Sakelua.Hufi] [Trojan.DtopToolz] [PossibleThreat.SB!tr.dldr] [Trojan.Win32.Sakelua.a]
c384e7f567abd9ea50f647715a28661a[W32.HfsAdware.6B12] [Trojan.Sakelua.r5] [Trojan.Win32.Sakelua.dpgrla] [W32/Trojan.PFGO-7220] [Heur/PackedMal.ZABW!suspicious] [Trojan.Win32.Sakelua.a] [Trojan.Sakelua!] [UnclassifiedMalware] [Trojan.Sakelua.Win32.2] [BackDoor-FCLT!C384E7F567AB] [Mal/Cleaman-B] [Trojan/Sakelua.a] [Trojan/Win32.Sakelua] [BackDoor-FCLT!C384E7F567AB] [Trojan.Sakelua] [Trj/CI.A] [Win32/Shyape.J] [Trojan.Win32.Sakelua] [W32/Sakelua.A!tr] [Trojan.Win32.Shyape.J]

Whois

PropertyValue
Email admin@we11point.com
NameServer NS1.HAIYAO.INFO
Created 2014-04-21 00:00:00
Changed 2015-01-22 00:00:00
Expires 2015-04-21 00:00:00
Registrar GODADDY.COM, LLC