» oraudregy.drykwem.ru
Overview
Analysis
IPs Addresses (1)
Downloads (5)
Related Domains (2)

oraudregy.drykwem.ru

Domain Information

Server location:

Noord-Holland, Netherlands (NL)

ASN:

AS59711 FORTUNIX-AS Fortunix Networks L.P.,GB

Root domain:

drykwem.ru

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Bundler.ProfitServis, PUP.ProfitServis.AZOVEKOGRUP.Bundler (M)

100.00%

VIPRE Antivirus

Threat.4150696

20.00%

Dr.Web

Trojan.InstallMonster.1052

20.00%

ESET NOD32

Win32/InstallMonstr.HI potentially unwanted application

20.00%

Clam AntiVirus

Win.Trojan.12408691

20.00%

K7 AntiVirus

Unwanted-Program

20.00%

Agnitum Outpost

Riskware.Agent

20.00%

The domain oraudregy.drykwem.ru has been seen to resolve to the following IP address.

5.149.254.180

March 20, 2015

File downloads found at URLs served by oraudregy.drykwem.ru.

1 / 68 (Adware)

http://oraudregy.drykwem.ru/cWZ5Ynl4YXFxdmd1ZnZqdmF4aHsic2lkIjoiNTgyMCIsInVybCI6Imh0dHA6XC9cL3hha2VweS5pbmZvXC9maWxlc1wvc2V0dXAuemlwIiwibmFtZSI6IkFpckNyYWNrLmV4ZSIsInR5cGUiOiJzZXR1cCIsInNpemUiOjcwMDAsInZlciI6IjEiLCJybmQwIjoiODY0ZGU4ZTg1ZmY0MTJhMmJiNDEyMmI2YWU1OTAxZTIifQ (aircrack.exe)

1 / 68 (Adware)

http://oraudregy.drykwem.ru/amdxampubGNyY3VvdHl4ZHpiaHJ2cWNsam9peHpienBkeHFlbGxieyJzaWQiOiI1ODIwIiwidXJsIjoiaHR0cDpcL1wveGFrZXB5LmluZm9cL2ZpbGVzXC9zZXR1cC56aXAiLCJuYW1lIjoiV2lDcmFjay5leGUiLCJ0eXBlIjoic2V0dXAiLCJzaXplIjo3MDAwLCJ2ZXIiOiIxIiwicm5kMCI6ImU3N2Q0ZTg4NmMzNjczNjMxOGQ0OWJkNTYwMWI4ZTIwIn0 (wicrack.exe)

1 / 68 (Adware)

http://oraudregy.drykwem.ru/bmJrcnp0dnB2ZnlwcnFlaGNubWx2Y2h6YnJuZXp0bWxlamNjeHsic2lkIjoiNTgyMCIsInVybCI6Imh0dHA6XC9cL3hha2VweS5pbmZvXC9maWxlc1wvc2V0dXAuemlwIiwibmFtZSI6IldpRmktQnJ1dGUuZXhlIiwidHlwZSI6InNldHVwIiwic2l6ZSI6NzAwMCwidmVyIjoiMSIsInJuZDAiOiI5MTQ0ZWE0N2I3ZjVhNTY3MTE5MTMyNGQ3YmU1NTRlMiJ9 (wifi-brute.exe)

1 / 68 (Adware)

http://oraudregy.drykwem.ru/cmNhdGFsb29odWd5cHBmdXhwZmxzaWd0ZXl1aWl0cWFxeyJzaWQiOiI1ODIwIiwidXJsIjoiaHR0cDpcL1wveGFrZXB5LmluZm9cL2ZpbGVzXC9zZXR1cC56aXAiLCJuYW1lIjoiQWlyU2xheC5leGUiLCJ0eXBlIjoic2V0dXAiLCJzaXplIjo3MDAwLCJ2ZXIiOiIxIiwicm5kMCI6ImUwMjcwODhiZDM1NDUyYjQ4ODBjYjQzZGI3MTllNmMzIn0 (airslax.exe)

7 / 68 (Adware)

http://oraudregy.drykwem.ru/eyJ2ZXIiOiIxIiwic2lkIjoiNTY0MiIsInVybCI6Imh0dHA6XC9cL3lhZGkuc2tcL2RcL3RNQ0c4WHdJSGJQNEQiLCJuYW1lIjoidE1DRzhYd0lIYlA0RCIsInR5cGUiOiJzZXR1cCIsInNpemUiOjIwOTU4LCJybmQwIjoiNWYzNmE0YmQ4OWQwYTk5MmE2NTJhODdjNjUyM2FkNGYifQ,, (tmcg8xwihbp4d.exe)

Related Domains

bl-up.ru

yeffet.ru

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.