home

67m044c49krhfa4.akyoab.ru

CORLEON GROUP LTD

Domain Information

The domain 67m044c49krhfa4.akyoab.ru registered by CORLEON GROUP LTD was initially registered in June of 2014 through REGRU-REG-RIPN. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Amsterdam, Noord-Holland within Netherlands which resides on the RIPE Network Coordination Centre network.
Registrar:
REGRU-REG-RIPN

Server location:
Noord-Holland, Netherlands (NL)

Create date:
Friday, June 13, 2014

Expires date:
Saturday, June 13, 2015

ASN:
AS5580 HIBERNIA TripartZ B.V.,NL

Root domain:
akyoab.ru

Whois:
1 akyoab.ru record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

avast!
Win32:SMSSend-CFZ [Trj]
100.00%

ESET NOD32
Win32/InstallMonstr.EN potentially unwanted application
100.00%

Dr.Web
Trojan.InstallMonster.146
100.00%

Malwarebytes
Trojan.SMSHoax
100.00%

Norman
InstallMonster.H
100.00%

Sophos
Troj/ArchSMS-Y
100.00%

Zillya! Antivirus
Trojan.Inject.Win32.73106
100.00%

G Data
Win32.Application.Installmonstr
100.00%

Panda Antivirus
Trj/Genetic.gen
100.00%

The domain 67m044c49krhfa4.akyoab.ru has been seen to resolve to the following IP address.

5.149.254.185
June 22, 2014

File downloads found at URLs served by 67m044c49krhfa4.akyoab.ru.

9 / 68      (PUP)
http://67m044c49krhfa4.akyoab.ru/.../?j=c2lkPTg1MiZ1cmw9aHR0cCUzQSUyRiUyRnR1cmJvYml0bC5ydSUyRmZpbGVzJTJGU2V0dXAuemlwJm5hbWU9U2V0dXAuemlwJnR5cGU9ZGlzayZzaXplPTEyNTgyOTEy  (setup.exe)

URL:
http://67m044c49krhfa4.akyoab.ru/

Web server:
nginx/1.4.2 (PHP/5.4.17)

emrund.ru

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.