Russian hackers hacking hackers.
Questionable domain: http://urlquery.net/report.php?id=1480444739610
Also into credit card hacking: http://toolbar.netcraft.com/site_report?url=APT28.SU
Semi-official malware and backdoor launching site or RBN domain? read:->
https://www.fireeye.com/blog/threat-research/2014/10/apt28-a-window-into-russias-cyber-espionage-operations.html
Could be it is only being flagged because it is a dot su domain, as urlquery dot net flags all :-X
polonus