» mail.mums.ac.ir
Overview
Analysis
IPs Addresses (3)
Downloads (1)

mail.mums.ac.ir

Domain Information

Server location:

Tehran, Iran (IR)

ASN:

AS41881 FANAVA-AS Fanava Group,IR

Root domain:

mums.ac.ir

Scanner detections:

Malware distribution (100% detected)

Scan engine

Details

Detections

Bkav FE

W32.Clod1cf.Trojan

100.00%

Malwarebytes

Backdoor.Hupigon

100.00%

VIPRE Antivirus

Backdoor.Graybird

100.00%

K7 AntiVirus

Trojan

100.00%

NANO AntiVirus

Trojan.Win32.Gaobot.iawc

100.00%

F-Prot

W32/Joke.OA

100.00%

Norman

Suspicious_Gen2.ADGOQ

100.00%

Trend Micro House Call

JOKE_ROSES

100.00%

Sophos

Screen Roses Joke

100.00%

Zillya! Antivirus

Backdoor.Bifrose.Win32.79671

100.00%

Trend Micro

JOKE_ROSES

100.00%

Microsoft Security Essentials

Joke:Win32/ScreenRoses

100.00%

ESET NOD32

Win32/Joke.ScreenRoses

100.00%

IKARUS anti.virus

Joke.Win32.ScreenRoses

100.00%

Fortinet FortiGate

Riskware/ScreenRoses

100.00%

The domain mail.mums.ac.ir has been seen to resolve to the following 3 IP addresses.

95.38.81.16

edge.mums.ac.ir

May 15, 2014

95.38.81.14

mail.mums.ac.ir

May 15, 2014

95.38.81.8

itc-cas1.mums.ac.ir

May 15, 2014

File downloads found at URLs served by mail.mums.ac.ir.

15 / 68 (Malware)

https://mail.mums.ac.ir/.../attachment.ashx?attach=1&id=RgAAAAAomdoacVXOR4jzr36V293bBwAIjgxYoSoDSKJe7Yxql4yfAACHd4DwAABZz6Y6W RnSYlsLE8PGTzPAJu39qCrAAAJ&attid0=EADmz374gs3NRoyVfa0YgD8u&attcnt=1 (for you.exe)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.