www.megapackagetours.com

Domain Information

Server location:
Virginia, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Scanner detections:
Detections  (87% detected)

Scan engine | Details | Detections
Dr.Web | Trojan.Swizzor.19586, Win32.Virut.56, Win32.Sector.30, Trojan.InstallCore.978, Trojan.Inject1.28681 | 71.43%
Emsisoft Anti-Malware | Gen:Variant.Adware.Symmi.59817, Gen:Variant.Mikey.31214, Win32.Virtob.Gen.12, Win32.Ramnit.N, Win32.Sality | 71.43%
McAfee | Trojan.Artemis!6CBC3F6C6913, Trojan.Artemis!0C35D68942D8, Virus.W32/Virut.n.gen, Program.Artemis!6CBC3F6C6913, Artemis!0756591F5975 | 64.29%
avast! | Win32:Evo-gen [Susp], Win32:Vitro, Win32:RmnDrp, Win32:SaliCode, Win32:Malware-gen, Win32:Sality, Win32:Agent-AODJ [Trj] | 64.29%
Norman | Gen:Variant.Mikey.31214, Gen:Variant.Adware.Symmi.59817, Win32.Virtob.Gen.12, Win32.Ramnit.N, Win32.Sality.3 | 57.14%
ESET NOD32 | Win32/Virut.NBP virus, Win32/Ramnit.H virus, Win32/Sality.NBA virus, Win32/InstallCore.ACY.gen potentially unwanted application, Win32/Delf.NRJ worm | 57.14%
Microsoft Security Essentials | Threat.Undefined | 50.00%
VIPRE Antivirus | Threat.4737366, Threat.4732184, Threat.4721115, Trojan.Win32.Generic | 42.86%
F-Prot | W32/Virut.AL!Generic, W32/Sality.E.gen, W32/Sality.gen2, W32/Ramnit.B!Generic, W32/Renamer.A.gen | 42.86%
Kaspersky | Virus.Win32.Virut, Virus.Win32.Nimnul, Virus.Win32.Sality | 42.86%
Sophos | Virus 'W32/Ramnit-A', Virus 'Mal/Sality-D', Install Core (PUA) | 28.57%
AegisLab AV Signature | Troj.W32.Gen, Suspicious.Cloud.Gen!c | 21.43%
Rising Antivirus | PE:Malware.XPACK-HIE/Heur!1.9C48 [F], PE:Malware.Generic/QRS!1.9E2D [F] | 21.43%
G Data | Gen:Variant.Adware.Symmi.59817, Win32.Application.Agent.FGGEND | 21.43%
AVG | Win32/Virut, Win32/Sality, Win32/Ramnit.A | 21.43%

The domain www.megapackagetours.com has been seen to resolve to the following 66 IP addresses.


File downloads found at URLs served by www.megapackagetours.com.


The following 166 files have been seen to communicate with www.megapackagetours.com in live environments.

 