home

du2.carambis.com

Media Fog Ltd

Domain Information

The domain du2.carambis.com registered by Media Fog Ltd was initially registered in August of 2008 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Sloboda, Voronezh within Russia which resides on the RIPE Network Coordination Centre network.
Registrar:
GODADDY.COM, LLC

Server location:
Voronezh, Russia (RU)

Create date:
Wednesday, August 6, 2008

Expires date:
Saturday, August 6, 2016

Updated date:
Monday, July 6, 2015

ASN:
AS29470 RETNNET-AS JSC _RetnNet_,RU

Root domain:
carambis.com

Whois:
1 carambis.com record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.ROSTPAY.Installer (M), PUP.MediaFrog.ROSTPAY.Installer (M)
100.00%

avast!
Win32:Agent-AYCR [PUP]
42.86%

Dr.Web
Program.Unwanted.328
42.86%

The domain du2.carambis.com has been seen to resolve to the following IP address.

46.46.160.233
February 10, 2016

File downloads found at URLs served by du2.carambis.com.

1 / 68      (PUP)
http://du2.carambis.com/.../InstallerDU-2.4.2.9633_nd3bx.exe  (installerdu-2.4.2.9633.exe)

1 / 68      (PUP)
http://du2.carambis.com/.../InstallerDU-2.4.2.9633_ndtip.exe  (installerdu-2.4.2.9633.exe)

1 / 68      (PUP)
http://du2.carambis.com/.../InstallerDU-2.4.2.9633_nd3bx.exe  (installerdu-2.4.2.9633.exe)

3 / 68      (PUP)
http://du2.carambis.com/.../InstallerDU-2.4.2.9632_drtu.exe  (installerdu-2.4.1.3369.exe)

1 / 68      (PUP)
http://du2.carambis.com/InstallerDU-2.4.2.9633.exe  (2c211fc486de45f32bc9a64d3a9a24cc)

3 / 68      (PUP)
http://du2.carambis.com/.../InstallerDU-2.4.2.9631_ndtip.exe  (installerdu-2.4.1.3369.exe)

3 / 68      (PUP)
http://du2.carambis.com/.../InstallerDU-2.4.2.9633_nd3bx.exe  (installerdu-2.4.1.3369.exe)

The following 111 files have been seen to comunicate with du2.carambis.com in live environments.

TCP » 46.46.160.233:80
installerdu-2.4.2.9633.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
installerdu.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
installerdu-2.4.2.9633.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
installerdu-2.4.2.9633.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
ScreenShooter.exe (ScreenShooter by Carambis)

TCP » 46.46.160.233:80
installerdu.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
su-pro.exe (Carambis Software Updater Pro by ROSTPAY)

TCP » 46.46.160.233:80
dupdater.exe (Carambis Driver Updater by MEDIA FOG)

TCP » 46.46.160.233:80
installerdu-2.4.2.9633.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
driverupdater.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
installerdu-2.4.2.9633.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
installerdu-2.4.2.9633.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
carambiscleaner.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
installerdu-2.4.2.9633.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
installerdu-2.4.2.9633.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
installerdu-2.4.2.9633.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
installerdu-2.4.2.9633.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
installerdu-2.4.2.9633.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
installerdu-2.3.1.7789.exe (Carambis Installer by Carambis (MEDIA FOG.))

TCP » 46.46.160.233:80
installercc-1.3.3.5315.exe (Carambis Installer by Carambis (ROSTPAY.))

 
Latest 20 of 111 files

URL:
http://du2.carambis.com/

Google Analytics:
UA-753548

Title:
“Carambis software - all that you need!”

Web server:
nginx

azfonts.net

carambis.fr

carambis.ru

dll.ru

nodevice.com

nodevice.fr

softlim.com

softsalad.com

softsalad.ru

techno-files.com

timeserver.ru

vpnservice.ru

windowsdrivers.ru

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.