
Domain > rotter2.publicvm.com

This indicator is referenced in AlienVault OTX pulse ""

Is this malicious?

Most users have voted this as MALICIOUS

Reports

http://pwc.blogs.com/cyber_security_updates/2015/0...    
http://researchcenter.paloaltonetworks.com/2017/01...    
https://otx.alienvault.com/pulse/56090c9f4637f21ec...    
https://otx.alienvault.com/pulse/5609918267db8c47d...    
https://securelist.com/blog/research/72283/gaza-cy...    

Files that talk to rotter2.publicvm.com

MD5  A/V
e540076f48d7069bacb6d607f2d389d9  [Backdoor.Poison.r4] [Trojan.Inject.Win32.162100] [Trojan.Inject!gqwOKT9tvLY] [Poison.ACNZ] [Win32/Poison.eRdMCJB] [TROJ_SMACOM.A] [Trojan.Win32.Inject.upwi] [Trojan.Win32.A.Inject.429056.B[h]] [Win32.Trojan.Inject.Airg] [TrojWare.Win32.Poison._0] [Trojan.DownLoader12.49145] [TR/Crypt.Xpack.157514] [Trojan/Win32.Inject] [Backdoor:Win32/Poison.I] [Win32/Poison.NCY] [Trojan.Win32.Poison] [W32/Poison.NCY!tr] [Atros.OAF]
bc42a09888de8b311f2e9ab0fc966c8c

Whois

Property Value
Email jchen@dnsexit.com
NameServer NS11.DNSEXIT.COM
Created 2007-07-19 00:00:00
Changed 2014-08-04 00:00:00
Expires 2015-07-19 00:00:00
Registrar NETDORM, INC. DBA DN