» media02.arabsh.com
Overview
Analysis
IPs Addresses (3)
Downloads (3)

media02.arabsh.com

Domain Information

Server location:

Ile-De-France, France (FR)

ASN:

AS12876 AS12876 ONLINE S.A.S.,FR

Root domain:

arabsh.com

Scanner detections:

Malware distribution (67% detected)

Scan engine

Details

Detections

Bkav FE

W32.Clod966.Trojan

50.00%

Reason Heuristics

PUP.InstallX.Bundle

50.00%

McAfee

Artemis!DCFB7A85ADE5

50.00%

Norman

Troj_Generic.RTEAA

50.00%

ESET NOD32

MSIL/HackTool.Crypter.AO

50.00%

Bitdefender

Gen:Variant.Strictor.47652

50.00%

Agnitum Outpost

HackTool.Crypter

50.00%

Lavasoft Ad-Aware

Gen:Variant.Strictor.47652

50.00%

Comodo Security

UnclassifiedMalware

50.00%

VIPRE Antivirus

Trojan.Win32.Generic

50.00%

Emsisoft Anti-Malware

Gen:Variant.Strictor.47652

50.00%

G Data

Gen:Variant.Strictor.47652

50.00%

IKARUS anti.virus

Trojan.KeyLogger

50.00%

Fortinet FortiGate

Malware_fam.NB

50.00%

MicroWorld eScan

Gen:Variant.Strictor.47652

50.00%

The domain media02.arabsh.com has been seen to resolve to the following 3 IP addresses.

78.109.30.111

111.30.109.78.hosting.ua

August 2, 2016

62.210.79.207

62-210-79-207.rev.poneytelecom.eu

April 14, 2016

46.165.200.2

September 3, 2014

File downloads found at URLs served by media02.arabsh.com.

0 / 68

http://media02.arabsh.com/file/1465235499/.../Hack by aimen.exe (02ddb322ed5fbdf84d61f26ddf4dc282)

2 / 68 (PUP)

http://media02.arabsh.com/file/1402531556/.../Setup.exe (7z920.exe)

21 / 68 (Malware)

http://media02.arabsh.com/file/1402776282/.../Crypter.exe (dcfb7a85ade58b4541c18ca6e2acfc60)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.