Server location:
Oregon, United States (US)
ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US
Scanner detections:
Malware distribution (65% detected)
Scan engine
Details
Detections
McAfee
W32/Gnamer, Artemis!72CB31555DA5, Artemis!0756591F5975, Virus.W32/Swisyn.ai, Virus.W32/Sality.gen.z
64.29%
Dr.Web
Trojan.Inject1.28681, riskware program Program.Unwanted.493, Trojan.InstallCore.978, Trojan.VbCrypt.250, Win32.Sector.30
64.29%
Microsoft Security Essentials
Worm:Win32/NeksMiner.A, Virus:Win32/Grenam.A, Threat.Undefined
57.14%
avast!
Win32:Agent-AODJ [Trj], Win32:Malware-gen, Win32:VB-OJQ [Wrm], Win32:Sality, Win32:Kukacka
57.14%
Kaspersky
Virus.Win32.Renamer, not-a-virus:AdWare.Win32.Pibee, Trojan.Win32.Agent, Virus.Win32.Sality
57.14%
ESET NOD32
Detection.Undefined, Win32/InstallCore.ACY.gen potentially unwanted application, Win32/VB.QOT trojan, Win32/Sality.NBA virus
50.00%
F-Prot
W32/Renamer.A.gen, W32/Sality.gen2
42.86%
Reason Heuristics
PUP.Reimage (L), Adware.Bundler (M), Threat.Win.Reputation.IMP
42.86%
F-Secure
Application:W32/Generic.70053c248f!Online, Variant.Graftor.128283, Win32.Sality.3
35.71%
Norman
Renamer.M, Win32.Sality.3
35.71%
Trend Micro House Call
TROJ_AGENT_005249.TOMB, Suspicious_GEN.F47V0520, PUA_INSTACOR
28.57%
Emsisoft Anti-Malware
Worm.Generic.377772, Gen:Variant.Graftor.128283, Win32.Sality
28.57%
VIPRE Antivirus
Virus.Win32.Grenam.a, Trojan.Win32.Generic, Threat.4758034
28.57%
Sophos
Troj/Eloigne-L, W32/Renamer-K, Install Core (PUA), Virus 'Mal/Sality-D'
28.57%
Baidu Antivirus
Worm.Win32.Delf, PUA.Win32.ReImageRepair, Adware.Win32.Agent, Adware.Win32.InstallCore
28.57%
The domain www.thursaaw.com has been seen to resolve to the following IP address.
ec2-52-35-105-138.us-west-2.compute.amazonaws.com
April 12, 2016
File downloads found at URLs served by www.thursaaw.com.