files.przone.ru

Private Person  (Proxy Registrant)

Domain Information

The domain files.przone.ru is registered by proxy through REGTIME-RU and was originally registered in July of 2006. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Moscow, Moscow City, Russia, on the RIPE Network Coordination Centre network.
Registrar:
REGTIME-RU

Server location:
Moscow City, Russia (RU)

Create date:
Monday, July 3, 2006

Expires date:
Sunday, July 3, 2016

ASN:
AS197695 AS-REGRU "Domain names registrar REG.RU", Ltd, RU

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.DestinyMedia.Q, PUP.Zona.Chetvertoepokolenie.Installer.Meta (L), PUP.DestinyMedia.Installer (M), PUP.Zona.Chetvertoepokolenie.Installer.Meta (M)
100.00%

Rising Antivirus
PE:PUF.Zona!1.9E06
75.00%

AVG
Generic
75.00%

Panda Antivirus
Trj/Genetic.gen, Generic Suspicious, Trj/CI.A
75.00%

IKARUS anti.virus
PUA.ZvuZona
75.00%

Qihoo 360 Security
HEUR/Malware.QVM18.Gen, Malware.QVM06.Gen, HEUR/QVM41.1.Malware.Gen, Win32/Virus.Adware.95e
75.00%

Fortinet FortiGate
Riskware/ZvuZona, Riskware/Adload
75.00%

Comodo Security
Application.Win32.ZvuZona.A
66.67%

Dr.Web
Program.Zona.4, Program.Zona.28, Program.Zona.34, Program.Zona.41
66.67%

VIPRE Antivirus
Trojan.Win32.Generic, Adware.Win32.ZvuZona
66.67%

ESET NOD32
Win32/ZvuZona (variant), Win32/ZvuZona.A potentially unwanted (variant)
66.67%

Sophos
Generic PUA GE, Generic PUA MO, Generic PUA JD, Generic PUA LL, Generic PUA LD
66.67%

G Data
Gen:Variant.Strictor.63180, Win32.Application.ZvuZona
66.67%

McAfee
Artemis!0971572C4A8E, Artemis!6080FAFCD444, ZvuZona
58.33%

Malwarebytes
PUP.Optional.Zona
58.33%

The domain files.przone.ru has been seen to resolve to the following 2 IP addresses.

s.przone.ru
February 28, 2016

s.przone.ru
May 4, 2015

File downloads found at URLs served by files.przone.ru.


URL:
http://files.przone.ru/

Web server:
Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.4.16 mod_python/3.5.0- Python/2.7.5