» galerie-contini.net
Overview
Analysis
IPs Addresses (1)
Downloads (3)
Network (6)
Website Detail
Statistics
Related Domains (14)

galerie-contini.net

Jean Paul DURR

Domain Information

The domain galerie-contini.net registered by Jean Paul DURR was initially registered in July of 2005 through GODADDY.COM, LLC. Currently this domain has been known to host various forms of malware. The hosted servers are located in Frankfurt Am Main, Hessen within Germany which resides on the RIPE Network Coordination Centre network.

Registrant:

Jean Paul DURR

Registrar:

GODADDY.COM, LLC

Server location:

Hessen, Germany (DE)

Create date:

Wednesday, July 13, 2005

Expires date:

Thursday, February 23, 2017

Updated date:

Friday, April 1, 2016

ASN:

AS47846 SEDO-AS , DE

Whois:

1 galerie-contini.net record

Scanner detections:

Malware distribution (100% detected)

Scan engine

Details

Detections

Bkav FE

W32.VariantUtaniozB.Trojan, W32.VariantUtaniozC.Trojan, W32.WingenkrisLTAAAAL.Trojan

100.00%

MicroWorld eScan

Gen:Variant.Kazy.303879, Gen:Variant.Symmi.34584

100.00%

Malwarebytes

Trojan.Agent

100.00%

Zillya! Antivirus

Trojan.Agentb.Win32.3157, Trojan.BitWallet.Win32.2

100.00%

K7 AntiVirus

Trojan

100.00%

NANO AntiVirus

Trojan.Win32.Kazy.cqivnv, Trojan.Win32.IRCbot.cqnxai

100.00%

Norman

Troj_Generic.RUPTX, Suspicious_Gen5.AJIMT, Troj_Generic.RXWIP

100.00%

Trend Micro House Call

TROJ_GEN.R002C0DKF14, TROJ_GEN.R08NC0EJB14, TROJ_GEN.R0CBC0PA214

100.00%

avast!

Win32:Downloader-UQU [Trj], Win32:Downloader-URG [Trj]

100.00%

Kaspersky

Trojan-PSW.Win32.Fareit, Trojan.Win32.Agent, Trojan-Banker.Win32.BitWallet

100.00%

Bitdefender

Gen:Variant.Kazy.303879, Gen:Variant.Symmi.34584

100.00%

Agnitum Outpost

Trojan.PWS.Fareit, Trojan.Agent, Trojan.PWS.BitWallet

100.00%

Lavasoft Ad-Aware

Gen:Variant.Kazy.303879, Gen:Variant.Symmi.34584

100.00%

Sophos

Mal/Generic-S

100.00%

Comodo Security

UnclassifiedMalware

100.00%

The domain galerie-contini.net has been seen to resolve to the following IP address.

91.195.240.101

custip-1101.sedoparking.com

May 26, 2016

File downloads found at URLs served by galerie-contini.net.

33 / 68 (Malware)

http://galerie-contini.net/Galerie/Sources/.../owYKCMrLKqwoJKrlC.exe (bdf515508.exe)

33 / 68 (Malware)

http://galerie-contini.net/Galerie/Sources/.../LyXE3EViMikU.exe (AS SSD Benchmark.exe)

33 / 68 (Malware)

http://galerie-contini.net/Galerie/Sources/.../baXQKjvjwHvTQAI.exe (vez6thjt.exe)

The following 6 files have been seen to comunicate with galerie-contini.net in live environments.

TCP » 91.195.240.101:80

cykimhegigka.exe

TCP » 91.195.240.101:80

bosadgypujuz.exe

TCP » 91.195.240.101:80

pacloksunasv.exe

TCP » 91.195.240.101:80

1799877.exe

TCP » 91.195.240.101:587

w.exe

TCP » 91.195.240.101:25

vrt63.tmp

URL:

http://galerie-contini.net/

Title:

“galerie-contini.net -&nbspgalerie-contini Resources and Information.”

Description:

“galerie-contini.net”

Web server:

nginx

Facebook:

Likes: 4

Shares: 4

Comments: 1

Statistics above are for the previous month of April 2024.

Related Domains

679uubhgx.com

7s9nzohf.com

ehsoi8rkh7.com

getfreeflashgames.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.