The domain vnl1.izabelcoin.com is registered by proxy through Network Solutions, LLC and was originally registered in July 2015. This domain is currently known to host various forms of malware. The hosting servers are located in Providence, Utah, United States, on the Hosting Services, Inc. network.
Registrant: PERFECT PRIVACY, LLC
Registrar: Network Solutions, LLC
Server location: Utah, United States (US)
Create date: Wednesday, July 1, 2015
Expires date: Friday, July 1, 2016
Updated date: Wednesday, July 1, 2015
ASN: AS32780 HOSTINGSERVICES-INC - Hosting Services, Inc., US
Scanner detections: Malware distribution (94% detected)
| Scan engine | Details | Detections |
| --- | --- | --- |
| ESET NOD32 | Win32/Sality.NBA virus, Win32/BitCoinMiner.BY potentially unsafe application, Win32/Parite.B virus, Win32/Madang.A virus | 56.25% |
| Dr.Web | Win32.Sector.30, Detection.Undefined, Win32.Parite.2, Win32.Angel | 52.08% |
| Norman | Win32.Sality.3, Gen:Variant.Application.BitcoinMiner.16, Win32.Parite.B, Win32.Madangel.DIA, Zum.BitCoinMiner.1 | 50.00% |
| McAfee | Virus.Artemis!9F29294BD754, Program.Artemis!17226C12B6DA, Virus.Artemis!6A49E3932AB7, Virus.Artemis!887039843F17, Program.Artemis!6FEC8A0B6F30, Trojan.Artemis!5A3AC2D74153 | 47.92% |
| Emsisoft Anti-Malware | Win32.Sality, Gen:Variant.Application.BitcoinMiner.16, Win32.Parite, Win32.Madangel.DIA, Trojan.Generic.17233820 | 45.83% |
| avast! | Win32:SaliCode, Win32:Kukacka, Win32:Malware-gen, Win32:Parite, Win32:Madangel | 45.83% |
| Reason Heuristics | Adware.Amonetize.OpenSour.Installer.Meta (M), Threat.Win.Reputation.IMP, PUP.BitCoinMiner (M) | 41.67% |
| Microsoft Security Essentials | Threat.Undefined | 41.67% |
| Kaspersky | Virus.Win32.Sality, not-a-virus:RiskTool.Win32.BitCoinMiner, Virus.Win32.Parite, Virus.Win32.Small, not-a-virus:HEUR:RiskTool.Win32.BitCoinMiner | 41.67% |
| F-Prot | W32/Sality.gen2, W32/Sality.E.gen, W32/Parite.B, New or modified Small | 39.58% |
| AVG | Win32/Sality, Win32/Parite, Win32/Madang.C | 37.50% |
| F-Secure | Win32.Sality.3, Variant.Application.BitcoinMiner, Win32.Parite.B, Win32.Madangel.DIA, Zum.BitCoinMiner.1, Trojan.Generic.17233820 | 37.50% |
| VIPRE Antivirus | Threat.4721115, Threat.4758034, Threat.4150696 | 14.58% |
| Sophos | PUA 'CpuMiner' | 4.17% |
The domain vnl1.izabelcoin.com has been seen to resolve to the following 4 IP addresses.
usny01.proinity.net (May 16, 2016)
camo02.proinity.net (April 15, 2016)
hosted-by.Eqserver.com (April 12, 2016)
File downloads found at URLs served by vnl1.izabelcoin.com.
The following 11 files have been seen to communicate with vnl1.izabelcoin.com in live environments.
URL: http://vnl1.izabelcoin.com/
SSL certificate subject: CN=vnl1.izabelcoin.com
SSL certificate issuer: CN=Let's Encrypt Authority X1, O=Let's Encrypt, C=US
Related Domains