Domain > wtfisgoinghereff.com

More information on this domain is in AlienVault OTX

Is this malicious?

Reports

https://otx.alienvault.com/pulse/56af389a67db8c6aa...

https://otx.alienvault.com/pulse/56b2251167db8c168...

https://techhelplist.com/spam-list/1039-money-tran...

https://www.virustotal.com/it/file/438b63ca5ec228e...

Files that talk to wtfisgoinghereff.com

MD5	A/V
d9f8ff6470be54daf2a78d65cb099dbe	[Win32.Trojan.Raas.Auto] [BehavesLike.JS.Downloader.xv] [JS/DwnLdr-NBY]
d6f4b64f9594c899f7fb36aba9264c77
2cec46dbc7c6027c5079eb74e9c5825e	[JS/Nemucod.bw] [JS/DwnLdr-NBY] [BehavesLike.JS.Downloader.xv] [Win32.Trojan.Raas.Auto]
30b2082b4add8481aab980dd1b930008	[JS/Nemucod.bw] [JS/DwnLdr-NBY] [BehavesLike.JS.Downloader.xv] [Win32.Trojan.Raas.Auto]
059f2ed12c163fb1ea313b7dcd5ad80b
cfc1a13ecea0d35f499681cd4bef54e1
ba3f3a99f6aa79ab6c7e8308f9fc3926
f75af33c3b12fddeed5928304c344f26
30a71df215e5f6eb833c29d714a40082
561a20113c05eac9dd233e3d5d045f0b	[JS/Nemucod.bw] [Troj.Downloader.Script!c] [JS/TrojanDownloader.Nemucod.DU] [JS/DwnLdr-NBY] [BehavesLike.JS.Downloader.xv] [JS/Downldr.DB!Eldorado] [JS/Nemucod.aipbca] [JS/TrojanDropper.A!tr] [HEUR.JS.Trojan.b]
157129673c500602972836a145721345
eff5f3a70ab377ed54ac815bea38d484
6600fadd7094a0e041efaedb7ed7727d
6212035c20c5183ec37d873a250a9e67	[BehavesLike.JS.Downloader.xv] [JS/DwnLdr-NBY] [JS/Downldr.DB!Eldorado] [JS/Nemucod.bw] [JS/Nemucod.DS!tr]
2b19a3d7e5cd71ac1f900cd8955921fb	[JS/Nemucod.bw] [JS_NEMUCOD.XYZV] [Win32.Trojan.Raas.Auto] [JS/DwnLdr-NBY] [JS_NEMUCOD.XYZV] [BehavesLike.JS.Downloader.xv] [Trojan-Downloader.Script.CryptoWall] [JS/Nemucod.DS!tr]
f7707e3c578d1e1d74a76c5adcd27089
4e377c9dabae8b261e3ceb2a8dfc2325
890d4675f5fdab03e589ceef2d8c832c	[BehavesLike.JS.Downloader.xv] [JS/DwnLdr-NBY] [JS/Nemucod.bw]
dac816a3e8ed73651589fadf67f98c93	[JS/DwnLdr-NBY] [BehavesLike.JS.Downloader.xv] [JS/Nemucod.DS!tr] [JS/Nemucod.bw]
025994f7d43b0dc70930340018f4c4d8	[JS:Trojan.JS.Downloader.CB] [JS:Trojan.JS.Downloader.CB] [JS/Nemucod.bw] [JS:Trojan.JS.Downloader.CB] [JS:Trojan.JS.Downloader.CB] [JS/Downldr.DB!Eldorado] [JS:Trojan.JS.Downloader.CB] [JS:Trojan.JS.Downloader.CB] [BehavesLike.JS.Exploit.xv] [JS/DwnLdr-NBY] [JS/Nemucod.aipbca] [TrojanDownloader:JS/Swabfex] [JS:Trojan.JS.Downloader.CB] [JS/Downloader] [JS:Trojan.JS.Downloader.CB] [JS/TrojanDownloader.Nemucod.DU] [Trojan-Downloader.Script.CryptoWall] [JS/Nemucod.DS!tr]

Whois

Property	Value
Email	balster@wtfisgoinghereff.com
NameServer	DNS2.WTFISGOINGHERESDF.WS
Created	2016-02-02 00:00:00
Changed	2016-02-04 00:00:00
Expires	2017-02-02 00:00:00
Registrar	WEB COMMERCE COMMUNI