The domain devid.drp.su is registered by proxy through R01-REG-FID and was originally registered in June of 2009. This domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are hosted in Wayne, Pennsylvania, in the United States, on the 1&1 Internet Inc. network.
Pennsylvania, United States (US)
Wednesday, June 17, 2009
Friday, June 17, 2016
Detections (88% detected)
PUP.Bundler.KuzyakovArtur.Meta (L), PUP.Bundler.Kuzyakov.Meta (L)
Antiy Labs AVL
Trend Micro House Call
TROJ_GEN.F47V0723, TROJ_GEN.F47V0808, TROJ_GEN.F47V0803, TROJ_GEN.F47V0411, TROJ_GEN.F47V0409
The domain devid.drp.su has been seen to resolve to the following 8 IP addresses.
February 8, 2014
December 26, 2013
File downloads found at URLs served by devid.drp.su.
Latest 30 of 48 download URLs
The following 2 files have been seen to communicate with devid.drp.su in live environments.
“Search for drivers”
“This web site allows you to easily find, download and install any driver. Search for drivers, find drivers, download drivers, drivers”
SSL certificate subject:
CN=ssl256375.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated
SSL certificate issuer:
CN=COMODO RSA Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB
Statistics are for the previous month.