» dminstl.com
Overview
Analysis
IPs Addresses (1)
Downloads (1)
Network (230)

dminstl.com

Domain Information

Server location:

Northern Ireland, United Kingdom (GB)

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Installer.DSNRMediaGroup

100.00%

Dr.Web

Adware.Downware.1217

100.00%

Vba32 AntiVirus

suspected of Trojan.Downloader.gen.h

100.00%

The domain dminstl.com has been seen to resolve to the following IP address.

unallocated.barefruit.co.uk

May 4, 2015

File downloads found at URLs served by dminstl.com.

3 / 68 (Adware)

http://dminstl.com/.../download.php?iid=4&token=000104568ef28ff6847ffbeefa788642c2ba5&src=CLKDMI (etypesetup.exe)

The following 230 files have been seen to comunicate with dminstl.com in live environments.

TCP » 92.242.140.21:80

smelled.exe (Smelled)

TCP » 92.242.140.21:443

dca-monitoring.exe (Compete DCA Monitoring Tool by Compete)

TCP » 92.242.140.21:80

marini.exe (Marini)

TCP » 92.242.140.21:443

client.exe (ClientWrapper)

TCP » 92.242.140.21:80

thebrowser.exe (TheBrowser by Goobzo)

TCP » 92.242.140.21:443

dca-monitoring.exe (Compete DCA Monitoring Tool by Compete)

TCP » 92.242.140.21:443

WindowService.exe (WindowService)

TCP » 92.242.140.21:443

ciuninstall.exe

TCP » 92.242.140.21:1866

TCP » 92.242.140.21:443

dca-monitoring.exe (Compete DCA Monitoring Tool by Compete)

TCP » 92.242.140.21:80

masterupdater.exe

TCP » 92.242.140.21:80

pricemeterexpress.crx

TCP » 92.242.140.21:80

TCP » 92.242.140.21:80

TCP » 92.242.140.21:80

TCP » 92.242.140.21:80

TCP » 92.242.140.21:80

TCP » 92.242.140.21:80

TCP » 92.242.140.21:80

TCP » 92.242.140.21:80

Latest 20 of 230 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.