
Domain > provisorio.ws

More information on this domain is in AlienVault OTX

Files that talk to provisorio.ws


DNS Resolutions


Subdomains


Data with thanks to AlienVault OTX, VirusTotal, Malwr and others.



© Copyright 2019 AlienVault, Inc.