» gizaedu.gov.eg
Overview
Analysis
IPs Addresses (1)
Downloads (5)

gizaedu.gov.eg

Domain Information

Server location:

Noord-Holland, Netherlands (NL)

ASN:

AS8075 MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US

Root domain:

gov.eg

Scanner detections:

Malware distribution (60% detected)

Scan engine

Details

Detections

Dr.Web

Win32.HLLP.Jeefo.36352, Trojan.Inject1.28681, Win32.Sector.30

100.00%

AVG

Win32/Hidrag.A, Worm/Delf.KKS, Win32/Sality

100.00%

avast!

Win32:Gardih, Win32:Agent-AODJ [Trj], Win32:SaliCode

100.00%

F-Prot

W32/Jeefo.A, W32/Renamer.A.gen, W32/Sality.gen2

100.00%

Norman

Win32.Jeefo.B, Worm.Generic.377772, Win32.Sality.3

100.00%

ESET NOD32

Win32/Jeefo.A virus, Win32/Delf.NRJ worm, Win32/Sality.NBA virus

100.00%

Microsoft Security Essentials

Threat.Undefined

100.00%

Kaspersky

Virus.Win32.Hidrag, Virus.Win32.Renamer, Virus.Win32.Sality

100.00%

F-Secure

Win32.Jeefo.B, Worm.Generic.377772

66.67%

McAfee

Virus.W32/Jeefo.e, Virus.W32/Gnamer

66.67%

Emsisoft Anti-Malware

Worm.Generic.377772, Win32.Sality

66.67%

VIPRE Antivirus

Threat.4721115

33.33%

The domain gizaedu.gov.eg has been seen to resolve to the following IP address.

13.95.149.199

May 22, 2016

File downloads found at URLs served by gizaedu.gov.eg.

10 / 68 (Infected)

http://gizaedu.gov.eg/data.exe (b9609d2e0ed075e5d8250ffd94143c3f)

11 / 68 (Malware)

http://gizaedu.gov.eg/data.exe (720b58573af1726072504ab4d7e3db9a)

0 / 68

http://gizaedu.gov.eg/data.exe (a3cb42733c01f3d4e95a241f81c95841)

10 / 68 (Infected)

http://gizaedu.gov.eg/data.exe (93578b737f0b76f7eeee84fd7b96f41a)

0 / 68

http://gizaedu.gov.eg/data.exe (0ea2a287849edea85cfc7b3ae06f148f)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.