Help RSS API Feed Maltego Contact                        

Domain > msftncsl.com

More information on this domain is in AlienVault OTX

Is this malicious?

Reports
https://www.fireeye.com/blog/threat-research/2014/...    

Files that talk to msftncsl.com
MD5A/V
8AF79DEBCAEB4C5C3C59DEAB577B93DC
d5f69a21bcc84e34b0df9d36ea5891d5[Backdoor.RA-based.cb] [Backdoor] [Trojan.Win32.RAbased.bekgjl] [WS.Reputation.1] [Win32/FakeFLDR_i] [Backdoor.Win32.Gulpix.g] [Backdoor.RA-based!InLyWzNGWXE] [Troj/Plugx-G] [Trojan.Click2.44042] [BDS/Plugx.A.74] [Backdoor/RA-Based.ag] [VIRUS_UNKNOWN] [Backdoor:Win32/Plugx.A] [Backdoor.Win32.A.RA-based.333531] [Backdoor/Win32.Gulpix] [Backdoor.Gulpix.g] [Win32/Korplug.AG] [Backdoor.Win32.RA-based] [W32/RA_based.AG!tr.bdr] [RemoteAdmin.CPK] [Trj/CI.A]
24c87d38f3f9fe8248e0455a7fd8a931
1099de6bdd623a02ddb03507452dfbe3[W32.RimecudQKH.Fam.Worm] [Win32/FakeFLDR_i] [Heuristic.BehavesLike.Win32.Suspicious-DTR.K] [Worm.Win32.VBInjectEx.a] [Luhe.Fiha.E]
34B7AEFA22BA56D32E99A717DA47AFE3
4023a87d0759afef49f843be880d2d08[Artemis!4023A87D0759] [Trojan.DownLoader9.51086] [Trojan/Win32.Swisyn] [Trojan.Win32.Bredolab] [SHeur4.BSZZ]

Whois
PropertyValue
Email REACTIVATION-PENDING@ENOM.COM
NameServer DNS2.NAME-SERVICES.COM
Created 2010-11-23 00:00:00
Changed 2014-11-24 00:00:00
Expires 2015-11-23 00:00:00
Registrar ENOM, INC.