home

idse.imss.gob.mxii.cf

Domain Information

Server location:
Zurich, Switzerland (CH)

Root domain:
mxii.cf

Scanner detections:
Malware distribution  (86% detected)

Scan engine
Details
Detections

Microsoft Security Essentials
Worm:Win32/NeksMiner.A, Trojan:Win32/Dynamer!ac, PWS:Win32/Zbot!rfn, Trojan:Win32/Skeeyah.A!rfn, VirTool:Win32/Obfuscator.ANO
100.00%

MicroWorld eScan
Gen:Variant.Zusy.166284, Gen:Variant.Kazy.713387, Gen:Variant.Agiala.12, Trojan.GenericKD.2680761, Trojan.GenericKD.2882682, Gen:Variant.Kazy.775554
85.71%

ESET NOD32
Win32/Injector.CKTR (variant), Win32/Spy.Zbot.YW, Win32/Injector.CMEG (variant)
85.71%

avast!
Win32:Malware-gen, Win32:Dropper-gen [Drp], Win32:Dorder-D [Trj]
85.71%

Kaspersky
Trojan.Win32.Yakes, UDS:DangerousObject.Multi.Generic, Trojan-Ransom.Win32.Cryakl, Trojan-Spy.Win32.Zbot
85.71%

Bitdefender
Gen:Variant.Zusy.166284, Gen:Variant.Kazy.713387, Gen:Variant.Agiala.12, Trojan.GenericKD.2680761, Trojan.GenericKD.2882682
85.71%

NANO AntiVirus
Trojan.Win32.Androm.dybbsg, Trojan.Win32.Panda.dvkuhw, Trojan.Win32.Cryakl.dyqsaj, Trojan.Win32.Zbot.dvsrgd, Trojan.Win32.Encoder.dyuqdt
85.71%

Lavasoft Ad-Aware
Gen:Variant.Zusy.166284, Gen:Variant.Kazy.713387, Gen:Variant.Agiala.12, Trojan.GenericKD.2680761, Trojan.GenericKD.2882682
85.71%

Emsisoft Anti-Malware
Gen:Variant.Zusy.166284, Gen:Variant.Kazy.713387, Gen:Variant.Agiala.12, Trojan.GenericKD.2680761, Trojan.GenericKD.2882682
85.71%

F-Secure
Gen:Variant.Zusy.166284, Gen:Variant.Kazy.713387, Gen:Variant.Agiala.12, Trojan.GenericKD.2680761, Trojan.GenericKD.2882682
85.71%

Avira AntiVirus
TR/Crypt.ZPACK.190859, TR/Crypt.Xpack.265439, TR/Crypt.ZPACK.Gen4, TR/Crypt.Xpack.277515, TR/Crypt.ZPACK.214040, TR/Crypt.ZPACK.218522
85.71%

Fortinet FortiGate
W32/Injector.CKST!tr, W32/Zbot.YW!tr.spy, W32/Injector.CMZS!tr, W32/Yakes.NOZF!tr
85.71%

Arcabit
Trojan.Zusy.D2898C, Trojan.Kazy.DAE2AB, Trojan.Agiala.12, Trojan.Generic.D28E7B9, Trojan.Generic.D2BFC7A, Trojan.Kazy.DBD582
85.71%

AhnLab V3 Security
Backdoor/Win32.Androm, Trojan/Win32.MDA, Malware/Win32.Generic, Trojan/Win32.Obfuscator, Trojan/Win32.Skeeyah
85.71%

McAfee
Artemis!CC760CDEA343, PWSZbot-FAMS!C3EF9EDD48A0, Artemis!8A11E7FD0753, RDN/Generic PWS.y, Artemis!74249F62D61A
85.71%

The domain idse.imss.gob.mxii.cf has been seen to resolve to the following IP address.

141.8.224.221
March 3, 2016

File downloads found at URLs served by idse.imss.gob.mxii.cf.

31 / 68    (Malware)
http://idse.imss.gob.mxii.cf/mx/imss/recursos/descargas/IDSE/.../?javapolicy=ir  (bor.exe)

26 / 68    (Malware)
http://idse.imss.gob.mxii.cf/mx/idse/recursos/descargas/IDSE/.../?java-obsoleto=si  (bor.exe)

26 / 68    (PUP)
http://idse.imss.gob.mxii.cf/mx/idse/recursos/descargas/IDSE/.../?java-obsoleto=si  (bor.exe)

32 / 68    (PUP)
http://idse.imss.gob.mxii.cf/mx/idse/recursos/descargas/IDSE/.../?java-obsoleto=si  (bor.exe)

28 / 68    (Malware)
http://idse.imss.gob.mxii.cf/mx/imss/recursos/descargas/IDSE/.../?javapolicy=ir  (java_policy_v2.2.exe)

29 / 68    (Malware)
http://idse.imss.gob.mxii.cf/mx/idse/recursos/descargas/IDSE/.../?javapolicy=ir  (jdk-8u51-windows-i586.exe)

2 / 68      (false positives)
http://idse.imss.gob.mxii.cf/mx/idse/recursos/descargas/IDSE/.../?java-obsoleto=si  (wrar420.exe)

456656fecsc.ml

baixandotorrent.ml

brasfooteiros.ml

dcxsdijicjdismdk.cf

fghjgh.gq

fghjgh.ml

freesteamkeygifts.cf

kodimediaportal.ml

linkporpaver.ga

llcgkrg.ml

luizrhupd.ga

luizrhupd.gq

micewtf.cf

minecraftindir.ml

msft.gq

rezume192.ga

rhr7nbjr6jhv.ga

rhr7nbjr6jhv.ml

verif.cf

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.