» setup.dj-reserve.com
Overview
Analysis
IPs Addresses (1)
Downloads (11)
Network (2)
Website Detail
Related Domains (26)

setup.dj-reserve.com

Privacy Protection Service INC d/b/a PrivacyProtect.org (Proxy Registrant)

Domain Information

The domain setup.dj-reserve.com is registered by proxy through PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM and was originally registered in October of 2009. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Steinsel, Luxembourg within Luxembourg which resides on the RIPE Network Coordination Centre network.

Registrant:

Privacy Protection Service INC d/b/a PrivacyProtect.org

Registrar:

PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM

Server location:

Luxembourg, Luxembourg (LU)

Create date:

Tuesday, October 6, 2009

Expires date:

Thursday, October 6, 2016

Updated date:

Wednesday, October 7, 2015

ASN:

AS5577 ROOT root SA,LU

Root domain:

dj-reserve.com

Whois:

2 dj-reserve.com records

Google Safe Browsing:

unwanted

Scanner detections:

Detections (78% detected)

Scan engine

Details

Detections

Dr.Web

Adware.Downware.10568, Program.VKontakteDJ.6

77.78%

McAfee

Artemis!20CF604ABDA3, Artemis!DB57B93C100B, Artemis!69189E75169D, Artemis!2191893E7DBB, Artemis!A7DB5068833B, Artemis!BAC52FE3BEFE

66.67%

MicroWorld eScan

Gen:Variant.Application.Downloader.207, Gen:Variant.Kazy.708558, Trojan.Generic.15512166

55.56%

Bitdefender

Gen:Variant.Application.Downloader.207, Gen:Variant.Kazy.708558, Trojan.Generic.15512166

55.56%

Arcabit

Trojan.Application.Downloader.207, Trojan.Kazy.DACFCE, Trojan.Generic.DECB266

55.56%

IKARUS anti.virus

AdWare.AdInstaller, AdWare.BundleApp

55.56%

G Data

Gen:Variant.Application.Downloader.207, Gen:Variant.Kazy.708558, Trojan.Generic.15512166

55.56%

AVG

VkontakteDJ, AdInstaller.kontakte

44.44%

Bkav FE

W32.HfsAdware

44.44%

VIPRE Antivirus

Trojan.Win32.Generic

44.44%

K7 AntiVirus

Adware

44.44%

ESET NOD32

MSIL/Downloader.Agent.P potentially unwanted (variant), MSIL/VKontakteDJ.A potentially unwanted (variant)

44.44%

Lavasoft Ad-Aware

Gen:Variant.Application.Downloader.207, Gen:Variant.Kazy.708558

44.44%

F-Secure

Gen:Variant.Application.Downloader, Trojan.Generic.15512166

44.44%

Kaspersky

UDS:DangerousObject.Multi.Generic, not-a-virus:Downloader.MSIL.VKontakteDJ

44.44%

The domain setup.dj-reserve.com has been seen to resolve to the following IP address.

94.242.221.153

ip-static-94-242-221-153.as5577.net

August 11, 2015

File downloads found at URLs served by setup.dj-reserve.com.

17 / 68 (Adware)

http://setup.dj-reserve.com/.../?advert_key=ZWMwMDAxMDBiMzAwMDEyMjAwMDAwMWVjMDAwMWVjMDAwMWVjNjUwYjVhZTI5MQ== (мотылек.exe)

2 / 68 (inconclusive)

http://setup.dj-reserve.com/.../?advert_key=ZWMwMDAxMDBiMzAwMDI3ZTAwMDAwMjg3MDAwMjg3MDAwMjg3MGZlYWZjNzJiZA== (без названия.exe)

2 / 68 (inconclusive)

http://setup.dj-reserve.com/.../?advert_key=ZWMwMDAxMDBiMzAwMDI3ZTAwMDAwMjg3MDAwMjg3MDAwMjg3MGZlYWZjNzJiZA== (ws05cbca48.dat)

19 / 68 (PUP)

http://setup.dj-reserve.com/.../ZWMwMDAxMDBiMzAwMDM5MjAwMDAwM2E2MDAwM2E2MDAwM2E2NzkzNzlmZGZkMg== (султан.exe)

6 / 68 (Adware)

http://setup.dj-reserve.com/.../?advert_key=ZWMwMDAxMDBiMzAwMDEyMjAwMDAwMGY1MDAwMGY1MDAwMGY1NTlkN2M5YjYzNw== (эль кондор паса.exe)

2 / 68 (inconclusive)

http://setup.dj-reserve.com/.../ZWMwMDAxMDBiMzAwMDI3ZTAwMDAwMjg3MDAwMjg3MDAwMjg3MGZlYWZjNzJiZA== (ws05cbca48.dat)

11 / 68 (PUP)

http://setup.dj-reserve.com/.../?advert_key=ZWMwMDAxMDBiMzAwMDI3ZTAwMDAwMjg3MDAwMjg3MDAwMjg3MGZlYWZjNzJiZA== (сериал -гримм-(сладк.exe)

16 / 68 (Adware)

http://setup.dj-reserve.com/.../?advert_key=ZWMwMDAxMDBiMzAwMDEyMjAwMDAwMWVjMDAwMWVjMDAwMWVjNjUwYjVhZTI5MQ== (р“рѕр»сѓр±р°сџ р»сѓрѕр°.exe)

5 / 68 (PUP)

http://setup.dj-reserve.com/.../?advert_key=ZWMwMDAxMDBiMzAwMDI3ZTAwMDAwMjg3MDAwMjg3MDAwMjg3MGZlYWZjNzJiZA== (kechalar.exe)

5 / 68 (PUP)

http://setup.dj-reserve.com/.../ZWMwMDAxMDBiMzAwMDI3ZTAwMDAwMjg3MDAwMjg3MDAwMjg3MGZlYWZjNzJiZA== (kechalar.exe)

17 / 68 (Adware)

http://setup.dj-reserve.com/.../?advert_key=ZWMwMDAxMDBjMDAwMDFmNzAwMDAwMjU4MDAwMjU4MDAwMjU4NTc5NDJhZmM3ZQ==&name=DJ Clue - Chinatown (feat. Lil' Kim, Junior Mafia & Lil' Cease) (dj clue - chinatown (feat. lil' kim, junior mafia.exe)

The following 2 files have been seen to comunicate with setup.dj-reserve.com in live environments.

TCP » 94.242.221.153:80

vkontaktedjd.exe (Vkontakte DJ Installer)

TCP » 94.242.221.153:80

edmond ayvazyan ev arman papoyan - de asa de xosa -- armenian pop -- hf exclusive -- hd.exe (Vkontakte DJ Installer)

URL:

http://setup.dj-reserve.com/

Web server:

nginx

Related Domains

downloadmusicapp.co.uk

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.