
Malware > ff40c41a8c3bbcc848955e9aba730cc7


Reports

http://malwr.com/analysis/NjUxNDM0MmQ1MzQ4NDZhYjk5...    
https://www.virustotal.com/file/b67a6d1cac0d9acd46...    
MD5: ff40c41a8c3bbcc848955e9aba730cc7
SHA1: 22b262bc4ddab11851e20dfcfe52e90e932d42a5
Filename: Win32_Cutwail.CBF.exe
Antivirus
[BackDoor.Bulknet.1391]
[Backdoor.Pushdo!A7OmBd8dZG8]
[Backdoor.Pushdo.Win32.749]
[BackDoor.Win32.Pushdo.77]
[Backdoor.Win32.Pushdo.rkl]
[Backdoor/W32.Pushdo.91648]
[Backdoor/Win32.Necurs]
[HEUR/Malware.QVM20.Gen]
[PE:Malware.XPACK-HIE/Heur!1.9C48]








Data with thanks to AlienVault OTX, VirusTotal, Malwr and others.



© Copyright 2019 AlienVault, Inc.