» dls1.mailru.su
Overview
Analysis
IPs Addresses (1)
Downloads (5)

dls1.mailru.su

Domain Information

Server location:

Moscow City, Russia (RU)

ASN:

AS47764 MAILRU-AS Mail.Ru, RU

Root domain:

mailru.su

Scanner detections:

Malware distribution (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Optional.MailRu.h, Win32.Generic

100.00%

Malwarebytes

PUP.Downloader.LoadMoney

20.00%

K7 AntiVirus

Trojan

20.00%

F-Prot

W32/LoadMoney.F3.gen

20.00%

ESET NOD32

Win32/LoadMoney.AA (variant)

20.00%

avast!

Win32:Downloader-TYN [PUP]

20.00%

Kaspersky

not-a-virus:HEUR:Downloader.Win32.LMN

20.00%

Sophos

Troj/LdMon-A

20.00%

Dr.Web

Trojan.LoadMoney.1

20.00%

VIPRE Antivirus

Trojan-Downloader.Win32.LoadMoney.u

20.00%

Avira AntiVirus

APPL/Downloader.Gen

20.00%

Rising Antivirus

Trojan.DL.Small!4D00

20.00%

IKARUS anti.virus

Virus.Win32.Cryptor

20.00%

Panda Antivirus

Suspicious file

20.00%

The domain dls1.mailru.su has been seen to resolve to the following IP address.

217.69.135.240

dlp1.mail.ru

November 16, 2013

File downloads found at URLs served by dls1.mailru.su.

1 / 68 (Malware)

http://dls1.mailru.su/output/6pt08lqvr2bt37unu5u2bu8vwv52bx032fjt7l2fm6ezl32bnkvq3d3d/02/74/d2/80/.../timati_ft_grigoriy_leps_-_rekviem_po_lyubvi.exe (cdd4d0e82e809e3e9c30910e19cb23b2)

1 / 68 (Malware)

http://dls1.mailru.su/output/fwfhzs86omjiyjtmennhc3pnc2dwcdt2eng6cnbhzmvzfhlwo2v9zsp8csg3d/00/00/05/15/.../wrar500b7ru.exe (2ad8633c15c3e2bf66ff52fc14d4418f)

1 / 68 (Malware)

http://dls1.mailru.su/output/ijsuknrpz5sbi4wjjoapzpkvz4efll2byjyzfhommhb2bjhn03d/02/2e/f8/e0/.../flashplayer11.exe (cf2e0f225e13d80e2c8552ca71e14892)

1 / 68 (Malware)

http://dls1.mailru.su/output/72fpz972oqopi82bbu62bpw6an18qjg4vpy42bjw6evo5upy2f2brr2ls47uo6/00/31/7f/87/.../av_update_win.exe (f8f8c8bf4691a9787207c6e37a3e4ca0)

14 / 68 (PUP)

http://dls1.mailru.su/output/lymjjcfs0oqkitpmzc3mjpkbidoekpdsmpijjo2bljgy042vjckumca3d/00/00/0e/fd/.../msjavwu_8073687b82d41db93f4c2a04af2b34d.exe (512183c0cc3d6997b9640129bb58ea6d)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.