translatds.ru

Private Person (Proxy Registrant)

Domain Information

The domain translatds.ru is registered by proxy through REGRU-RU and was originally registered in August 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Kiev, Kyyiv, Ukraine, on the RIPE Network Coordination Centre network.
Registrar:
REGRU-RU

Server location:
Kyyiv, Ukraine (UA)

Create date:
Tuesday, August 12, 2014

Expires date:
Friday, August 12, 2016

ASN:
AS56872 MACHOSTER-AS Vadim Kyrilovich PE,UA

Scanner detections:
Detections (92% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.Win.Reputation.IMP, PUP.Installer.Banner, PUP.InstallMonster.AuditFirmACTIVEAUDIT (M), PUP.Amonitize (M), PUP.InstallMonster.AuditFir (M), PUP.OutBrowse.ERSHNET (M), PUP.InstallMonster (M)
92.31%

K7 AntiVirus
Trojan, Unwanted-Program
15.38%

Trend Micro House Call
Suspicious_GEN.F47V0205, Suspicious_GEN.F47V0422
15.38%

Kaspersky
not-a-virus:Downloader.Win32.MediaGet
15.38%

Dr.Web
Program.MediaGet.21, Program.MediaGet.120
15.38%

Avira AntiVirus
PUA/MediaGet.Gen, PUA/MediaGet.Gen5
15.38%

ESET NOD32
Win32/MediaGet.AF potentially unwanted (variant)
15.38%

AVG
Media, Banne
15.38%

Zillya! Antivirus
Downloader.MediaGet.Win32.338
7.69%

Vba32 AntiVirus
Downloader.MediaGet
7.69%

Bkav FE
W32.HfsAdware
7.69%

Malwarebytes
PUP.Adware.MediaGet
7.69%

Sophos
MediaGet
7.69%

Comodo Security
Application.Win32.MediaGet.G
7.69%

G Data
Win32.Adware.MediaGet
7.69%

The domain translatds.ru has been seen to resolve to the following IP address.

May 6, 2015

File downloads found at URLs served by translatds.ru.

URL:
http://translatds.ru/

Web server:
nginx/1.4.6 (Ubuntu) (PHP/5.4.20)