home

freempr9.afrureta.com

Domain Information

Server location:
Madrid, Spain (ES)

Root domain:
afrureta.com

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.DownloadManager.e, PUP.DownloadAdmin.CodeTech.Installer (M)
100.00%

Kaspersky
not-a-virus:AdWare.Win32.AirAdInstaller
50.00%

ESET NOD32
Win32/AirAdInstaller.E potentially unwanted application
50.00%

VIPRE Antivirus
Threat.4782985
50.00%

The domain freempr9.afrureta.com has been seen to resolve to the following 2 IP addresses.

93.189.35.249
January 16, 2015

93.189.35.250
January 16, 2015

File downloads found at URLs served by freempr9.afrureta.com.

1 / 68      (PUP)
http://freempr9.afrureta.com/.../download?p=REVENUE&trckid=006688950017541985557  (installer_adobe_flash_player_polish.exe)

4 / 68      (Adware)
http://freempr9.afrureta.com/.../download?p=VELISMEDIA1&trckid=Ui7vjqB8D9vPbofbjl2JmSIQy193ZKShyuVoSUXQa0yxaVgaiCuTjUvblOcNYxWDuqx1oiBPfO5G-krilRah6kn4k8o6-2TtHyTQsfLHNLP8hdMY4i3agcO2v3tk_lV3vg02sa_DqNmeVsY9_0Xr23eak-HsedFZvj6qQ7QIYCWklXEs2abtMrCjPUGdWA4xRn453YznqZ_4IxqYA61rOxICJxu6WyEbu6aYq-BYRZo-N_osksWdtaj0S-5ieyJGD_6Ye306IyeCbA_rjJWR0LKsrEhcjck7PwcQkut4OvIjJNtiDCJ_3rg_SYZdSN8Qp_mw3RnjSlEOgo56Mn9j3ukKq7b-hIAohdb7InMtcDCG5Vf6_uv7slxV6Zy8Av5ub8-JXVdajLJwQ2qpNLOkdVeSFd4DLQZVlFTGoENtJKLkdgkBOHak3M_kiUv4cnKVgrsL9NsyI0Zs  (installer_adobe_flash_player_english.exe)

The following file have been seen to comunicate with freempr9.afrureta.com in live environments.

TCP » 93.189.35.249:80
banaduy.exe (Maskaseft Visual Studio 2010 by Maskaseft)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.