www.videooizleyin.com

whoisprotection biz

Domain Information

The domain www.videooizleyin.com, registered by whoisprotection biz, was initially registered in January of 2015 through FBS INC. This domain is currently known to host various forms of malware. The hosting servers are located in Nicosia, CY, which resides on the RIPE Network Coordination Centre network.
Registrar:
FBS INC.

Server location:
Nicosia, CY (CY)

Create date:
Wednesday, January 28, 2015

Expires date:
Saturday, January 28, 2017

Updated date:
Friday, January 29, 2016

ASN:
AS51557 TR-FBS FBS BILISIM COZUMLERI TIC LTD STI.,TR

Root domain:

Scanner detections:
Malware distribution  (96% detected)

Scan engine
Details
Detections

avast!
Win32:Dropper-gen [Drp], Win32:Malware-gen, Win32:SaliCode
100.00%

Kaspersky
Trojan.Win32.VB, Virus.Win32.Sality
100.00%

Dr.Web
Trojan.Siggen1.63828, Trojan.DownLoader12.23254, Trojan.DownLoader14.25252, Trojan.DownLoader12.23680, Trojan.DownLoader12.23240
100.00%

ESET NOD32
Win32/VB.RTN, Win32/Packed.AHK (variant)
100.00%

G Data
Trojan.Generic.12585790, Trojan.Generic.12567452, Gen:Variant.Symmi.48611, Gen:Variant.Symmi.51663, Gen:Variant.Symmi.49919
100.00%

MicroWorld eScan
Trojan.Generic.12585790, Trojan.Generic.12567452, Gen:Variant.Symmi.49919, Gen:Variant.Symmi.51663
96.00%

nProtect
Trojan.Generic.12585790, Trojan.Generic.12567452
96.00%

Quick Heal
TrojanDownloader.Murlo.clv.n3
96.00%

Bitdefender
Trojan.Generic.12585790, Trojan.Generic.12567452, Gen:Variant.Symmi.51663, Gen:Variant.Symmi.49919
96.00%

Lavasoft Ad-Aware
Trojan.Generic.12585790, Trojan.Generic.12567452, Gen:Variant.Symmi.51663, Gen:Variant.Symmi.49919
96.00%

Emsisoft Anti-Malware
Trojan.Generic.12585790, Trojan.Generic.12567452, Gen:Variant.Symmi.51663, Gen:Variant.Symmi.49919, Win32.Sality
96.00%

F-Secure
Trojan.Generic.12585790, Trojan.Generic.12567452, Trojan:W32/Bepush.B, Gen:Variant.Symmi.49919
96.00%

Fortinet FortiGate
W32/ExtenBro.AK!tr, W32/VB.CTXV!tr, W32/VB.RTN!tr
96.00%

Baidu Antivirus
Trojan.Win32.VB
96.00%

Panda Antivirus
Trj/CI.A, Trj/Genetic.gen
88.00%

The domain www.videooizleyin.com has been seen to resolve to the following 2 IP addresses.

93-89-226-17.fbs.com.tr
January 29, 2016

May 5, 2015

File downloads found at URLs served by www.videooizleyin.com.

35 / 68    (Malware)
http://www.videooizleyin.com/dl.php  (install_flashplayer14x32_x64md_aaa_aih.exe)

19 / 68    (Malware)
http://www.videooizleyin.com/dl.php  (install_flashplayer14x32_x64md_aaa_aih.exe)

19 / 68    (Malware)
http://www.videooizleyin.com/dl.php  (install_flashplayer14x32_x64md_aaa_aih.exe)

20 / 68    (Malware)

37 / 68    (Malware)
http://www.videooizleyin.com/dl.php  (install_flashplayer14x32_x64md_aaa_aih.exe)

35 / 68    (Malware)

29 / 68    (Malware)
http://www.videooizleyin.com/dl.php  (install_flashplayer14x32_x64md_aaa_aih.exe)

36 / 68    (Malware)

36 / 68    (Malware)
http://www.videooizleyin.com/dl.php  (install_flashplayer14x32_x64md_aaa_aih.exe)

10 / 68    (Infected)
http://www.videooizleyin.com/dl.php  (install_flashplayer14x32_x64md_aaa_aih.exe)

18 / 68    (Malware)
http://www.videooizleyin.com/dl.php  (install_flashplayer14x32_x64md_aaa_aih.exe)

35 / 68    (Malware)

34 / 68    (Malware)

16 / 68    (Malware)

28 / 68    (Malware)
http://www.videooizleyin.com/dl.php  (install_flashplayer14x32_x64md_aaa_aih.exe)

28 / 68    (Malware)
http://www.videooizleyin.com/dl.php  (install_flashplayer14x32_x64md_aaa_aih.exe)

32 / 68    (Malware)
http://www.videooizleyin.com/dl.php  (install_flashplayer14x32_x64md_aaa_aih.exe)

17 / 68    (Malware)
http://www.videooizleyin.com/dl.php  (install_flashplayer14x32_x64md_aaa_aih.exe)

43 / 68    (Malware)
http://www.videooizleyin.com/dl.php  (install_flashplayer14x32_x64md_aaa_aih.exe)

34 / 68    (Malware)
http://www.videooizleyin.com/dl.php  (install_flashplayer14x32_x64md_aaa_aih.exe)

31 / 68    (Malware)
http://www.videooizleyin.com/dl.php  (install_flashplayer14x32_x64md_aaa_aih.exe)

0 / 68
http://www.videooizleyin.com/dl.php  (install_flashplayer14x32_x64md_aaa_aih.exe)

32 / 68    (PUP)
http://www.videooizleyin.com/dl.php  (install_flashplayer14x32_x64md_aaa_aih.exe)

33 / 68    (Malware)
http://www.videooizleyin.com/dl.php  (install_flashplayer14x32_x64md_aaa_aih.exe)

35 / 68    (Malware)
http://www.videooizleyin.com/dl.php  (install_flashplayer14x32_x64md_aaa_aih.exe)

24 / 68    (Malware)
http://www.videooizleyin.com/dl.php  (install_flashplayer14x32_x64md_aaa_aih.exe)

The following 42 files have been seen to communicate with www.videooizleyin.com in live environments.

 
Latest 20 of 42 files

URL:
http://www.videooizleyin.com/

Title:
“Untitled Page”

Web server:
Microsoft-IIS/7.5 (ASP.NET) (Version: 2.0.50727)