home

dl.interstat.eu

Domain Information

Server location:
Arizona, United States (US)

ASN:
AS13335 CLOUDFLARENET - CloudFlare, Inc.,US

Root domain:
interstat.eu

Scanner detections:
Detections  (96% detected)

Scan engine
Details
Detections

Reason Heuristics
Adware.InetStat (M), Threat.Win.Reputation.IMP, PUP.GlobalSurveys (M), PUP.Techsnab (M), Trojan.Downloader, PUP.Techsnab.WM (M)
91.67%

avast!
Win32:Dropper-gen [Drp], Win32:RmnDrp
12.50%

ESET NOD32
Win32/RiskWare.Astori.C application, Win32/Ramnit.H virus, Win32/Ramnit.A virus
12.50%

F-Secure
Riskware.Application.Generic.1269570, Win32.Ramnit.N
12.50%

Emsisoft Anti-Malware
Application.Generic.1269570, Win32.Ramnit.N
12.50%

Norman
Trojan.GenericKD.3105092, Win32.Ramnit.N
12.50%

Dr.Web
Win32.Rmnet.12, probably DLOADER.Trojan
12.50%

VIPRE Antivirus
Threat.4732184, Threat.4726519
8.33%

F-Prot
W32/Ramnit.E, W32/Ramnit.B!Generic
8.33%

Microsoft Security Essentials
Threat.Undefined
8.33%

McAfee
Virus.W32/Ramnit.a
8.33%

AVG
Win32/Zbot.F, Win32/Ramnit.A
8.33%

Sophos
Generic PUA EI
4.17%

Kaspersky
Virus.Win32.Nimnul
4.17%

The domain dl.interstat.eu has been seen to resolve to the following 2 IP addresses.

104.28.9.120
January 2, 2016

104.28.8.120
January 2, 2016

File downloads found at URLs served by dl.interstat.eu.

1 / 68      (PUP)
http://dl.interstat.eu/inter_weather_v345.exe  (dba484d961cc1be0aff054bc548e1568)

12 / 68    (Infected)
http://dl.interstat.eu/inter_weather_v345.exe  (interstat.exe)

1 / 68      (PUP)
http://dl.interstat.eu/inter_weather_v346.exe  (interstat.exe)

1 / 68      (PUP)
http://dl.interstat.eu/inter_mod_v342.exe  (interstatnogui.exe)

1 / 68      (Malware)
http://dl.interstat.eu/inter_bandwidth_v345.exe  (netmon.exe)

1 / 68      (PUP)
http://dl.interstat.eu/inter_mod_v345.exe  (interstatnogui.exe)

1 / 68      (PUP)
http://dl.interstat.eu/inter_weather_v346.exe  (interstat.exe)

1 / 68      (PUP)
http://dl.interstat.eu/inter_weather_v346.exe  (gpupd572b1f870.exe)

2 / 68      (Malware)
http://dl.interstat.eu/inter_bandwidth_v346.exe  (33e37198a0f899563218b06f043af0ba)

1 / 68      (PUP)
http://dl.interstat.eu/inter_mod_v346.exe  (softwebbar.exe)

11 / 68    (Infected)
http://dl.interstat.eu/inter_weather_v339.exe  (802ba2d166d8531bef3236ec99913bdf)

1 / 68      (PUP)
http://dl.interstat.eu/inter_mod_v345.exe  (ef40bd772d5d1cbe411c9bc2b4c2d290)

1 / 68      (PUP)
http://dl.interstat.eu/inter_weather_v345.exe  (848bdbfa655c2a7e705817329106720b)

1 / 68      (Malware)
http://dl.interstat.eu/inter_bandwidth_v345.exe  (7f8fc2080c00b525d8827f93cb9f7751)

1 / 68      (PUP)
http://dl.interstat.eu/inter_mod_v342.exe  (interstatnogui.exe)

1 / 68      (Malware)
http://dl.interstat.eu/inter_bandwidth_v342.exe  (speedmon.exe)

1 / 68      (PUP)
http://dl.interstat.eu/inter_weather_v342.exe  (87b90b9368cfe8ed8087d8e933577c75)

1 / 68      (PUP)
http://dl.interstat.eu/inter_mod_v339.exe  (73fb46cbc28254e4a1caabb0c3db7970)

1 / 68      (PUP)
http://dl.interstat.eu/inter_bandwidth_v339.exe  (4bc66f27eb8e902905e5f1ddc9b35a49)

2 / 68      (PUP)
http://dl.interstat.eu/inter_weather_v339.exe  (gpupd56e92ed60.exe)

0 / 68
http://dl.interstat.eu/inter_silent_nt.exe  (inetstat.exe)

1 / 68      (PUP)
http://dl.interstat.eu/inter_mod_v338.exe  (interstatnogui.exe)

1 / 68      (PUP)
http://dl.interstat.eu/inter_mod_v333.exe  (UserMon.exe)

1 / 68      (PUP)
http://dl.interstat.eu/inter_silent_nt.exe  (inetstat.exe)

6 / 68      (PUP)
http://dl.interstat.eu/inter_silent_nt.exe  (inetstat.exe)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.