
Domain > xfyubqmldwvuyar.yt

This indicator is referenced in AlienVault OTX pulse ""

Is this malicious?

Most users have voted this as MALICIOUS

Reports

http://ransomwaretracker.abuse.ch/downloads/RW_DOM...    
http://ransomwaretracker.abuse.ch/feeds/csv/    
https://medium.com/@networksecurity/locky-ransomwa...    
https://otx.alienvault.com/pulse/56c2ff4a67db8c71b...    
https://otx.alienvault.com/pulse/56c4d3e367db8c125...    
https://otx.alienvault.com/pulse/56c703ff67db8c125...    
https://otx.alienvault.com/pulse/56e85de34637f24cb...    
https://otx.alienvault.com/pulse/56f115a34637f2285...    
https://ransomwaretracker.abuse.ch/downloads/RW_DO...    
https://kc.mcafee.com/resources/sites/MCAFEE/conte...    
https://techhelplist.com/spam-list/1050-invoice-20...    
https://twitter.com/bartblaze/status/6995455647829...    
https://www.microsoft.com/security/portal/threat/e...    

Files that talk to xfyubqmldwvuyar.yt


Whois

Property    Value
Email       kevin.beaumont@gmail.com
NameServer  ns2.netim.net
Created     2016-02-17 00:00:00
Changed     2016-02-17 00:00:00
Registrar   NETIM