www.bufiyataolmaz.com

Domain Information

Server location: Nicosia, CY (CY)

ASN: AS51557 TR-FBS FBS BILISIM COZUMLERI TIC LTD STI.,TR

Root domain:

Scanner detections:
Malware distribution  (67% detected)

Scan engine | Details | Detections
MicroWorld eScan | Trojan.Generic.9531917, Trojan.Generic.8551052 | 100.00%
nProtect | Trojan.Generic.9531917, Trojan.Generic.8551052 | 100.00%
McAfee | Artemis!7E48DCBCDB74, Artemis!448E7AD78EBE | 100.00%
K7 AntiVirus | Riskware | 100.00%
Norman | Suspicious_Gen4.ESCUP, Suspicious_Gen4.BXKXO | 100.00%
Trend Micro House Call | TROJ_GEN.R00GC0DK313, TROJ_GEN.RCBB1AI | 100.00%
avast! | Win32:Malware-gen, Win32:Dropper-gen [Drp] | 100.00%
Bitdefender | Trojan.Generic.9531917, Trojan.Generic.8551052 | 100.00%
Emsisoft Anti-Malware | Trojan.Generic.9531917, BrowserModifier.Win32.Sebutag.AMN | 100.00%
Comodo Security | UnclassifiedMalware, TrojWare.Win32.Agent.~fry | 100.00%
F-Secure | Trojan.Generic.9531917, Trojan.Generic.8551052 | 100.00%
VIPRE Antivirus | Trojan.Win32.Generic | 100.00%
Avira AntiVirus | TR/Agent.395776.82, TR/BHO.Sebutag | 100.00%
Microsoft Security Essentials | TrojanClicker:MSIL/Reksed.A, BrowserModifier:Win32/Sebutag | 100.00%
G Data | Trojan.Generic.9531917, Trojan.Generic.8551052 | 100.00%

The domain www.bufiyataolmaz.com has been seen to resolve to the following IP address.

93-89-226-17.fbs.com.tr
July 8, 2016

File downloads found at URLs served by www.bufiyataolmaz.com.

17 / 68    (Malware)
https://www.bufiyataolmaz.com/.../VideoPlayer.exe  (448e7ad78ebebc053c2ac7ad7794f6e1)

26 / 68    (Malware)
https://www.bufiyataolmaz.com/.../FiLMi-iZLE.exe  (7e48dcbcdb743959d9b3f1d54e0fd52e)

0 / 68
https://www.bufiyataolmaz.com/.../FiLMi-iZLE.exe  (c6ec07cfbc7248916c1f43bb549f45f2)

The following 42 files have been seen to communicate with www.bufiyataolmaz.com in live environments.

 
Latest 20 of 42 files