» dlc.multimails.ru
Overview
Analysis
Downloads (7)

dlc.multimails.ru

Private Person (Proxy Registrant)

Domain Information

The domain dlc.multimails.ru is registered by proxy through REGRU-REG-RIPN and was originally registered in August of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software.

Registrant:

Private Person

Registrar:

REGRU-REG-RIPN

Create date:

Tuesday, August 20, 2013

Expires date:

Wednesday, August 20, 2014

Root domain:

Whois:

1 multimails.ru record

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

MicroWorld eScan

Gen:Variant.Graftor.76116, Gen:Variant.Graftor.110603

100.00%

K7 AntiVirus

Trojan

100.00%

Bitdefender

Gen:Variant.Graftor.76116, Gen:Variant.Graftor.110603

100.00%

Comodo Security

TrojWare.Win32.Kryptik.AXJX

100.00%

F-Secure

Gen:Variant.Graftor.76116, Gen:Variant.Graftor.110603

100.00%

Emsisoft Anti-Malware

Gen:Variant.Graftor.76116, Gen:Variant.Graftor.110603

100.00%

G Data

Gen:Variant.Graftor.76116, Gen:Variant.Graftor.110603

100.00%

IKARUS anti.virus

Virus.Win32.Cryptor

100.00%

AVG

Win32/Cryptor

100.00%

McAfee

BackDoor-FBDY!A8750FDC8E0B, BackDoor-FBDY!70CFE0B32C3E, BackDoor-FBDY!A78F0B2F703D, BackDoor-FBDY!297947B9DACC, BackDoor-FBDY!F6666B09BC96

85.71%

Dr.Web

Trojan.LoadMoney.17

85.71%

Reason Heuristics

PUP.SharapovaSvetlanaBorisovnaIP.t, PUP.SharapovaSvetlanaBorisovnaIP.H, PUP.SharapovaSvetlanaBorisovnaIP.DD, PUP.SharapovaSvetlanaBorisovnaIP.a

85.71%

Malwarebytes

Trojan.LoadMoney

71.43%

avast!

Win32:Downloader-UFC [PUP], Win32:Downloader-UFA [PUP]

71.43%

Avira AntiVirus

TR/Graftor.76116.406, TR/Graftor.76116.753, TR/Graftor.110603.96, TR/Graftor.76116.726, TR/Graftor.76116.125

71.43%

File downloads found at URLs served by dlc.multimails.ru.

19 / 68 (PUP)

http://dlc.multimails.ru/download/0b171713594c4c040c0f0700060d1711064d11164c0406173c1b0e0f5c/0e0f11070a075e515b5a56515a5b565745050a0f063c0a075e/052d4a63/.../wwe_smack_down_vs_raw_2011_2.exe (ffa3f028e8c049632cc73dcae5cd3c62)

20 / 68 (PUP)

http://dlc.multimails.ru/download/1d0101054f5a5a121a191116101b0107105b07005a1210012a0d18194a/181907111c1148474d4c40464d46424253131c19102a1c1148/052d5a75/.../portal_md_t314419bigtorrents_org.exe (f6666b09bc968465afccebbfead28c19)

20 / 68 (PUP)

http://dlc.multimails.ru/download/8d919195dfcaca86848380828a8a81cb9790ca8c8b838ada/95839696918a979cd8d6d38684d5d581d6d286d5d284d6c3838c8980d8/0005b4e5/.../na100_top_letn_hity_p_1_tfile_ru.exe (297947b9dacc382a5243b92e86f700d6)

20 / 68 (PUP)

http://dlc.multimails.ru/download/a1bdbdb9f3e6e6aea6a5adaaaca7bdbbace7bbbce6aeacbd96b1a4a5f6/a4a5bbada0adf4fbf1f0fcfbf1fbf9fbefafa0a5ac96a0adf4/052d47c9/.../torrent.exe (a78f0b2f703dd6eb1f986a82b083365c)

19 / 68 (PUP)

http://dlc.multimails.ru/download/dcc0c0c48e9b9bd3dbd8d0d7d1dac0c6d19ac6c19bd3d1c0ebccd9d88b/d9d8c6d0ddd089868c8d818183808c8092d2ddd8d1ebddd089/00c1f9b4/.../wwe_smackdown_vs_raw_2011_eng.exe (70cfe0b32c3e96e2f4a2fca7e75f56fd)

11 / 68 (PUP)

http://dlc.multimails.ru/download/eff3f3f7bda8a8e3f0eaebe3f5a9f5f2a8e0e2f3d8ffeaebb8/eaebf5e3eee3bab6b5b3b5b2b5b6bfb3a1e1eeebe2d8eee3ba/00415287/.../wot_xvm.exe (44eb9821ce97bcb3ef09513af56b5079)

12 / 68 (PUP)

http://dlc.multimails.ru/download/fde1e1e5afbabaf2faf9f1f6f0fbe1e7f0bbe7e0baf2f0e1caedf8f9aa/f8f9e7f1fcf1a8a7adaca1a6a5aca0acb3f3fcf9f0cafcf1a8/04b4f895/.../lck-1368-1384-skritaya-kamera-v-razdevalke-basseyna.exe (a8750fdc8e0bf9e5f0af53bb9f8fcc17)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.