home

www.azfonts.de

Domain Information

Server location:
Voronezh, Russia (RU)

ASN:
AS29470 RETNNET-AS JSC _RetnNet_,RU

Root domain:
azfonts.de

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.MediaFrog.ROSTPAY.Installer (M)
100.00%

The domain www.azfonts.de has been seen to resolve to the following IP address.

46.46.160.235
February 27, 2016

File downloads found at URLs served by www.azfonts.de.

1 / 68      (PUP)
http://www.azfonts.de/distr/.../windows  (fontkeeper - 1.0.exe)

The following 24 files have been seen to comunicate with www.azfonts.de in live environments.

TCP » 46.46.160.235:80
comboplayerinstaller.exe (ComboPlayer Installer by ROSTPAY)

TCP » 46.46.160.235:80
carambis_driver_updater_ab60d9637d6d15fbcb446cd135c55a60bd7ee00d.exe

TCP » 46.46.160.235:80
comboplayer-silent-installer.exe (ComboPlayer Installer by ROSTPAY)

TCP » 46.46.160.235:443
comboplayer.exe (ComboPlayer by ROSTPAY)

TCP » 46.46.160.235:80
comboplayer.exe (ComboPlayer by ROSTPAY)

TCP » 46.46.160.235:80
comboplayerinstaller.exe (ComboPlayer Installer by ROSTPAY)

TCP » 46.46.160.235:443
carambis_driver_updater_ab60d9637d6d15fbcb446cd135c55a60bd7ee00d.exe

TCP » 46.46.160.235:80
comboplayer.exe (ComboPlayer by ROSTPAY)

TCP » 46.46.160.235:80
comboplayer.exe (ComboPlayer by ROSTPAY)

TCP » 46.46.160.235:80
comboplayer.exe (ComboPlayer by ROSTPAY)

TCP » 46.46.160.235:80
carambis_driver_updater_142a09cc71d44bb5813296336cc515d7965cb751.exe

TCP » 46.46.160.235:80
comboplayer-silent-installer.exe (ComboPlayer Installer by ROSTPAY)

TCP » 46.46.160.235:443
comboplayer.exe (ComboPlayer by ROSTPAY)

TCP » 46.46.160.235:443
comboplayer.exe (ComboPlayer by ROSTPAY)

TCP » 46.46.160.235:80
fontmanager.exe (FontManager by ROSTPAY)

TCP » 46.46.160.235:443
comboplayer.exe (ComboPlayer by ROSTPAY)

TCP » 46.46.160.235:443
carambis_driver_updater_142a09cc71d44bb5813296336cc515d7965cb751.exe

TCP » 46.46.160.235:80
comboplayer.exe (ComboPlayer by ROSTPAY)

TCP » 46.46.160.235:443
comboplayer.exe (ComboPlayer by ROSTPAY)

TCP » 46.46.160.235:80
carambis_cleaner_7b20f19cb1ad9352c6414314167fbb32aa31fb54.exe

 
Latest 20 of 27 files

azfiles.net

azfiles.ru

azfonts.net

dll.ru

techno-files.com

timeserver.ru

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.