hnb5b7vedwug67b.cuhoivno.ru

Private Person (Proxy Registrant)

Domain Information

The domain hnb5b7vedwug67b.cuhoivno.ru is registered by proxy through REGRU-RU and was originally registered in December of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Edinburgh, Scotland, within the United Kingdom, which resides on the Latin American and Caribbean IP address Regional Registry network.

Registrar:
REGRU-RU

Server location:
Scotland, United Kingdom (GB)

Create date:
Tuesday, December 2, 2014

Expires date:
Wednesday, December 2, 2015

ASN:
AS59711 FORTUNIX-AS Fortunix Networks L.P.,GB

Root domain:

Scanner detections:
Detections (96% detected)

Scan engine | Details | Detections
Reason Heuristics | PUP.SalyutemPlyus.M, PUP.Bundler.Outbrowse, PUP.Outbrowse.SalyutemPlyus.Bundler (M), PUP.Outbrowse.MAXTEK.Bundler (M), PUP.ProfitServis.Bundler (M), PUP.Outbrowse.Salyutem.Bundler (M) | 100.00%
ESET NOD32 | Win32/InstallMonstr.HU potentially unwanted application, Win32/InstallMonstr.HI potentially unwanted application | 18.18%
avast! | Win32:Malware-gen, Dropper-gen [Drp] | 18.18%
VIPRE Antivirus | Threat.4150696 | 18.18%
F-Secure | Gen:Variant.Adware.Kazy.432610, Gen:Variant.Graftor.171471 | 18.18%
K7 AntiVirus | Unwanted-Program | 18.18%
Dr.Web | Trojan.InstallMonster.1104 | 9.09%
AVG | Generic | 9.09%
Kaspersky | not-a-virus:AdWare.Win32.InstallMonster | 9.09%
Vba32 AntiVirus | AdWare.InstallMonster | 9.09%
Avira AntiVirus | TR/Fraud.Gen7, APPL/InstallMon.enid | 9.09%
Emsisoft Anti-Malware | Gen:Variant.Graftor.171471 | 9.09%
Lavasoft Ad-Aware | Gen:Variant.Graftor.171471 | 9.09%
MicroWorld eScan | Gen:Variant.Graftor.171471 | 9.09%
Bitdefender | Gen:Variant.Graftor.171471 | 9.09%

The domain hnb5b7vedwug67b.cuhoivno.ru has been seen to resolve to the following IP address.

September 21, 2015

File downloads found at URLs served by hnb5b7vedwug67b.cuhoivno.ru.

URL:
http://hnb5b7vedwug67b.cuhoivno.ru/

Web server:
nginx/1.4.2 (PHP/5.4.17)