Help RSS API Feed Maltego Contact

Domain > handicraftmag.com

More information on this domain is in AlienVault OTX

Is this malicious?

Most users have voted this as MALICIOUS

Reports

https://twitter.com/ReaQta/status/7455040712980807...

https://www.reddit.com/r/Malware/comments/4p9uli/l...

https://reaqta.com

Files that talk to handicraftmag.com

MD5	A/V
aecb4d74bfcb8addc64c31ea26735406	[JS/Nemucod.jf] [JS.Downloader] [Trojan.Script.Nemucod.ebdqck] [Trojan.Obfus/JS!1.A51E] [HEUR.JS.Trojan.b] [JS/Nemucod.YP!tr.dldr]
1710eb559076546c208bb61a23ebae37	[JS.Downloader] [JS_NEMUCOD.DLDUH] [Trojan.Script.Nemucod.ebdqck] [JS_NEMUCOD.DLDUH] [BehavesLike.JS.ExploitBlacole.xm] [JS/Nemucod.AY!Eldorado] [HEUR.JS.Trojan.b] [JS/Obfus.S45] [JS/Nemucod.jg] [JS/TrojanDownloader.Nemucod.ZU] [Trojan.Obfus/JS!1.A51E] [Trojan-Ransom.Script.Locky] [JS/Nemucod.YP!tr.dldr]
62e80c1f7fc1cb2160a02dd72a0cc69b
938dcd12285edfdee089408c04e120d8	[JS:Trojan.Downloader.Nemucod.AD] [JS/Nemucod.jg] [JS.Downloader] [Trojan.Script.Nemucod.ebdqck] [Trojan.Obfus/JS!1.A51E] [JS_NEMUCOD.DLDUH] [BehavesLike.JS.ExploitBlacole.xm] [JS/Nemucod.AY!Eldorado] [HEUR.JS.Trojan.b] [JS/Obfus.S45] [JS/TrojanDownloader.Nemucod.ZU] [Trojan-Ransom.Script.Locky] [JS/Nemucod.YP!tr.dldr] [Win32/Trojan.Downloader.868]
997425d4f7c3228627a6e09a7fed12be
eaca08da761059c1adbbf5d75db04377
3db32eff3bed526500388d473fc73cb4	[JS.Downloader] [JS/TrojanDownloader.Nemucod.ACS] [Trojan-Downloader:JS/Locky.M] [JS/Nemucod.kh] [JS/Nemucod.BE!Camelot] [TrojanDownloader:JS/Allchantolv.A] [JS/Obfus.S62] [JS/Nemucod.kh] [Js.Trojan.Raas.Auto] [Trojan-Ransom.Script.Locky]
ca7d467000a563c2392972f5dac2155c
b33b00f6ce50ab3219b3ae890fac3a31	[Js.Trojan.Raas.Auto]
145e2ff7627223d44290b2cdfe122372
5afe8a9fe575334e2ab51cf2977f8721
fd0e0c269cd291959da6a89fb007b6bd

Whois

Property	Value
Email	piyarat@srisiam.com
NameServer	NS62-2.BKKSERV.COM
Created	2008-02-29 00:00:00
Changed	2014-03-03 00:00:00
Expires	2020-02-28 00:00:00
Registrar	ONLINENIC, INC.

DNS Resolutions

Date	IP Address
2015-10-20	27.254.33.31 (ClassC)
2024-10-03	104.21.30.131 (ClassC)
2025-03-21	104.21.64.1 (ClassC)
2025-04-21	104.21.96.1 (ClassC)
2025-06-26	104.21.48.1 (ClassC)
2025-07-21	104.21.32.1 (ClassC)
2025-08-04	104.21.16.1 (ClassC)

Port 80

Subdomains

Date	Domain	IP
www.handicraftmag.com	2025-05-23	104.21.16.1

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

� Copyright 2019 AlienVault, Inc. | Legal| Status| Do Not Sell My Personal Information