» custom.links-moscow.ru
Overview
Analysis
IPs Addresses (1)
Downloads (1)
Network (46)

custom.links-moscow.ru

Domain Information

Server location:

California, United States (US)

ASN:

AS26008 NOMINUM-SKYE1 - SKYE

Root domain:

links-moscow.ru

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Optional.MailRu.u

100.00%

The domain custom.links-moscow.ru has been seen to resolve to the following IP address.

search.dnsassist.verizon.net

February 27, 2014

File downloads found at URLs served by custom.links-moscow.ru.

1 / 68 (PUP)

http://custom.links-moscow.ru/TlJSVhwJCUBJVEVDVQhEU18LQE9KQwhUUwlBQ1J5XktKGUBPSkN5T0Ib/zaycev/.../begging_for_incest_-_gangbang_the_preteen_zaycev_net.exe ({blocked}.exe)

The following 46 files have been seen to comunicate with custom.links-moscow.ru in live environments.

TCP » 199.101.28.20:80

suggestions.crx

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

google-search.crx

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

TCP » 199.101.28.20:80

Latest 20 of 46 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.