amigo.mail.ru

MGL Mail.ru Internet Assets Limited

Domain Information

The domain amigo.mail.ru registered by MGL Mail.ru Internet Assets Limited was initially registered in September of 1997 through RU-CENTER-REG-RIPN. Currently this domain has been known to host various forms of malware. The hosted servers are located in Orenburg, Orenburg within Russia which resides on the RIPE Network Coordination Centre network.
Registrar:
RU-CENTER-RU

Server location:
Orenburg, Russia (RU)

Create date:
Saturday, September 27, 1997

Expires date:
Saturday, October 01, 2016

ASN:
AS47764 MAILRU-AS Limited liability company Mail.Ru

Root domain:

Scanner detections:
Malware distribution  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Win32.Generic, PUP.MailRU.Amigo.Installer (M), PUP.MailRu.Amigo (M)
100.00%

The domain amigo.mail.ru has been seen to resolve to the following 3 IP addresses.

amigo.mail.ru
January 29, 2016

vrrp-hoe.p.mail.ru
February 3, 2014

vrrp-kirka.p.mail.ru
February 3, 2014

File downloads found at URLs served by amigo.mail.ru.

1 / 68      (Malware)
https://amigo.mail.ru/amigo_setup.exe  (87a6ab4fc3edecf5e397130e08adf683)

The following 16 files have been seen to comunicate with amigo.mail.ru in live environments.

 
Latest 20 of 32 files

URL:
http://amigo.mail.ru/

Google Analytics:
UA-63957003

Title:
“Браузер «Амиго» - Установи быстрый браузер!”

Description:
“Браузер «Амиго» – это не только быстрый и безопасный браузер, но и приложение для социальных сетей. Благодаря ему, вы сразу будете в курсе новостей ваших друзей, сможете обмениваться личными сообщениями, слушать музыку, делиться ссылками, менять ...”

SSL certificate subject:
CN=*.mail.ru, OU=IT, O=LLC Mail.Ru, L=Moscow, S=RUSSIAN FEDERATION, C=RU

SSL certificate issuer:
CN=GeoTrust SSL CA - G3, O=GeoTrust Inc., C=US

Web server:
nginx

Facebook:
Likes:  766
Shares:  7,274
Comments:  103

Statistics are for the previous month.