» vicecity.en.gta.turbodisk.net
Overview
Analysis
IPs Addresses (1)
Downloads (10)
Website Detail
Related Domains (4)

vicecity.en.gta.turbodisk.net

See PrivacyGuardian.org (Proxy Registrant)

Domain Information

The domain vicecity.en.gta.turbodisk.net is registered by proxy through NAMESILO, LLC and was originally registered in January of 2016. Currently this domain has been known to host various forms of malware. The hosted servers are located in Beauharnois, Quebec within Canada.

Registrant:

See PrivacyGuardian.org

Registrar:

NAMESILO, LLC

Server location:

Quebec, Canada (CA)

Create date:

Wednesday, January 27, 2016

Expires date:

Saturday, January 27, 2018

Updated date:

Thursday, January 28, 2016

ASN:

AS16276 OVH OVH SAS,FR

Root domain:

turbodisk.net

Whois:

1 turbodisk.net record

Scanner detections:

Malware distribution (80% detected)

Scan engine

Details

Detections

ESET NOD32

Win32/InstallMonetizer.AN potentially unwanted application, Win32/Sality.NAU virus, Win32/Sality.NBA virus

77.78%

Microsoft Security Essentials

Worm:Win32/NeksMiner.A, Threat.Undefined

55.56%

avast!

NSIS:InstMonetizer-CA [PUP], Win32:Sality, Win32:SaliCode, Win32:Kukacka

55.56%

Kaspersky

Virus.Win32.Sality, not-a-virus:AdWare.Win32.InstallMonster

55.56%

Emsisoft Anti-Malware

Win32.Sality.OG

44.44%

McAfee

Virus.W32/Sality.gen, Virus.W32/Sality.gen.z, Trojan.Artemis!40D65611A1B4

44.44%

Dr.Web

Win32.Sector.16, Win32.Sector.30

44.44%

F-Prot

W32/Sality.AK, W32/Sality.gen2, W32/Sality.E.gen

44.44%

F-Secure

Application:W32/Generic.70053c248f!Online, Win32.Sality.OG, Win32.Sality.3

33.33%

Norman

Win32.Sality.OG, Win32.Sality.3

33.33%

Reason Heuristics

PUP.InstallMonetizer.ET (M)

22.22%

AVG

Win32/Sality

22.22%

ESET NOD32

Win32/InstallMonetizer.AN potentially unwanted

11.11%

Vba32 AntiVirus

suspected of Trojan.Downloader.gen.h

11.11%

Clam AntiVirus

Win.Trojan.Ramnit-8178

11.11%

The domain vicecity.en.gta.turbodisk.net has been seen to resolve to the following IP address.

192.95.62.230

February 20, 2016

File downloads found at URLs served by vicecity.en.gta.turbodisk.net.

0 / 68

http://vicecity.en.gta.turbodisk.net/GTA_VC_PlayStore_v2.2.exe (a3a1f46b1057d0d594f75df22974e9b8)

8 / 68 (Infected)

http://vicecity.en.gta.turbodisk.net/GTA_VC_PlayStore_v2.2.exe (42537f4b7ce520c3a7c8165eb06fe342)

10 / 68 (Infected)

http://vicecity.en.gta.turbodisk.net/GTA_VC_PlayStore_v2.2.exe (688f5a333b7a1b79959e93487a670cc4)

2 / 68 (PUP)

http://vicecity.en.gta.turbodisk.net/GTA_VC_PlayStore_v2.2.exe (0aae413c0c95e392c204d510924bd846)

10 / 68 (Infected)

http://vicecity.en.gta.turbodisk.net/GTA_VC_PlayStore_v2.2.exe (173b94e8d76dbddd8bef0f0fe8fc1590)

2 / 68 (false positives)

http://vicecity.en.gta.turbodisk.net/GTA_VC_PlayStore_v2.2.exe (wrar420.exe)

2 / 68 (PUP)

http://vicecity.en.gta.turbodisk.net/GTA_VC_PlayStore_v2.2.exe (007a39ef1ca2bab4d221b84e9b09f815)

13 / 68 (Infected)

http://vicecity.en.gta.turbodisk.net/GTA_VC_PlayStore_v2.2.exe (c4c64ddeda5d6b93dfd6710c4eb6a547)

3 / 68 (PUP)

http://vicecity.en.gta.turbodisk.net/GTA_VC_PlayStore_v2.2.exe (40d65611a1b4b8d7fe3611db7866a881)

3 / 68 (PUP)

http://vicecity.en.gta.turbodisk.net/GTA_VC_PlayStore_v2.2.exe (96b5f587373fc037e9e5ca48ebf59cb8)

URL:

http://vicecity.en.gta.turbodisk.net/

Web server:

Apache

Related Domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.