» ps.vk.me
Overview
Analysis
IPs Addresses (3)
Downloads (1)
Network (23)
Related Domains (2)

ps.vk.me

Domain Information

Server location:

Saint Petersburg City, Russia (RU)

ASN:

AS47541 VKONTAKTE-SPB-AS VKontakte Ltd,RU

Scanner detections:

Malware distribution (100% detected)

Scan engine

Details

Detections

MicroWorld eScan

Gen:Variant.Symmi.3329

100.00%

McAfee

Artemis!3AD359C3FF2C

100.00%

K7 AntiVirus

Riskware

100.00%

Norman

Suspicious_Gen5.AKXUT

100.00%

avast!

Win32:Malware-gen

100.00%

Bitdefender

Gen:Variant.Symmi.3329

100.00%

Lavasoft Ad-Aware

Gen:Variant.Symmi.3329

100.00%

Comodo Security

UnclassifiedMalware

100.00%

F-Secure

Gen:Variant.Symmi.3329

100.00%

VIPRE Antivirus

Trojan.Win32.Generic

100.00%

Avira AntiVirus

TR/Symmi.3329.39

100.00%

Emsisoft Anti-Malware

Gen:Variant.Symmi.3329

100.00%

G Data

Gen:Variant.Symmi.3329

100.00%

IKARUS anti.virus

Virus.Win32.Heur

100.00%

AVG

Win32/Heur

100.00%

The domain ps.vk.me has been seen to resolve to the following 3 IP addresses.

srv124-199.vkontakte.ru

June 21, 2014

srv219-199.vkontakte.ru

June 21, 2014

srv218-199.vkontakte.ru

June 21, 2014

File downloads found at URLs served by ps.vk.me.

16 / 68 (Malware)

https://ps.vk.me/c539314/u158657919/docs/.../123.dll?extra=UFEAeH2s5CSqlgDnLpyKHMTbr15o4G_e2ZY_CDT4buUMeipyG0mSloItP2UkVoSp-hl8deA3QTVrOXkBcGIKmERAu5CtxFFw9w&dl=1 (3ad359c3ff2c52df4b253c0553aeefba)

The following 23 files have been seen to comunicate with ps.vk.me in live environments.

TCP » 95.142.199.218:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 95.142.199.218:443

kometa.exe (Kometa by @COMPANY_FULLNAME@)

TCP » 95.142.199.218:443

uran.exe (Uran by uCoz Media and Chromium Authors)

TCP » 95.142.199.218:443

kometa.exe (Kometa by Kometa Authors)

TCP » 95.142.199.218:443

vimeworld.exe (BrainStorm Launcher by VimeWorld)

TCP » 95.142.199.124:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 95.142.199.218:443

beaglebrowser.exe (BeagleBrowser by The BeagleBrowser Authors)

TCP » 95.142.199.218:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 95.142.199.218:443

kometa.exe (Kometa (1.0.0.0) by Kometa Authors)

TCP » 95.142.199.218:443

amigo.exe (Amigo by Mail.Ru)

TCP » 95.142.199.218:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 95.142.199.218:443

kometa.exe (Kometa (39.34) by Kometa Authors)

TCP » 95.142.199.124:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 95.142.199.124:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 95.142.199.218:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 95.142.199.218:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 95.142.199.124:443

kometa.exe (Kometa by @COMPANY_FULLNAME@)

TCP » 95.142.199.218:443

online-guardian-v2.0.9.exe

TCP » 95.142.199.124:443

kometa.exe (Kometa (1.0.0.0) by Kometa Authors)

TCP » 95.142.199.218:443

UCBrowser.exe (UC Browser by UCWeb)

Latest 20 of 38 files

Related Domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.