home

loadmoney.ru

Private Person  (Proxy Registrant)

Domain Information

The domain loadmoney.ru is registered by proxy through RU-CENTER-RU and was originally registered in January of 2012. Currently this domain has been known to host various forms of malware. The hosted servers are located in Moscow, Moscow City within Russia which resides on the RIPE Network Coordination Centre network.
Registrar:
RU-CENTER-RU

Server location:
Moscow City, Russia (RU)

Create date:
Wednesday, January 18, 2012

Expires date:
Wednesday, January 18, 2017

ASN:
AS42632 MNOGOBYTE-AS MnogoByte LLC

Whois:
2 loadmoney.ru records

Scanner detections:
Malware distribution  (83% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.MailRu.u, Win32.Generic
80.00%

avast!
Win32:LoadMoney-BU [PUP]
40.00%

Emsisoft Anti-Malware
Gen:Variant.Application.Zusy.93204
20.00%

VIPRE Antivirus
Threat.4781975
20.00%

ESET NOD32
Win32/LoadMoney.L potentially unwanted application
20.00%

F-Prot
W32/LoadMoney.A.gen
20.00%

McAfee
Program.Downloader-FKW
20.00%

Dr.Web
Trojan.Packed.24079
20.00%

F-Secure
Variant.Application.Zusy
20.00%

Kaspersky
not-a-virus:HEUR:Downloader.Win32.LMN
20.00%

The domain loadmoney.ru has been seen to resolve to the following 2 IP addresses.

178.248.235.93
February 24, 2016

146.255.192.10
loadmoney.ru
February 7, 2014

File downloads found at URLs served by loadmoney.ru.

1 / 68      (Malware)
http://loadmoney.ru/get_file?sid=7763&url=aHR0cDovL2RlcG9zaXRmaWxlcy5jb20vZmlsZXMvd2F4YmQ3cDZ5&name=YUhSMGNEb3ZMMlJsY0c5emFYUm1hV3hsY3k1amIyMHZabWxzWlhNdmQyRjRZbVEzY0RaNQ==&type=YXJjaGl2ZQ==  (ahr0cdovl2rlcg9zaxrmawxlcy5jb20vzmlszxmvd2f4ymq3cdz5.exe)

1 / 68      (Malware)
http://loadmoney.ru/get_file?sid=6305&url=aHR0cHM6Ly9kbC5kcm9wYm94LmNvbS91LzEwOTU5ODcxNy9JTk9aRU1fMjAxMy5wZGY=&name=SU5PWkVNXzIwMTMucGRm&type=YXJjaGl2ZQ==  (inozem_2013.exe)

10 / 68    (PUP)
http://loadmoney.ru/get_file?sid=1523&url=aHR0cDovL3d0Zm9vby5uaWNob3N0LnJ1L3Zrb250YWt0ZV9nb2xvc2EuZXhl&name=dmtvbnRha3RlX2dvbG9zYS5leGU=&type=YXJjaGl2ZQ==  (vkontakte_golosa.exe)

1 / 68      (Malware)
http://loadmoney.ru/.../aWQ9MTIwMg==&name=c2NlbmFyaXktcG9zbGVkbmVnby16dm9ua2EuZG9j&type=YXJjaGl2ZQ==&size=NjQgS2I=  (scenariy-poslednego-zvonka.exe)

1 / 68      (PUP)
http://loadmoney.ru/get_file?sid=7763&url=aHR0cDovL2RlcG9zaXRmaWxlcy5jb20vZmlsZXMvdnduM3R4Ymcw&name=YUhSMGNEb3ZMMlJsY0c5emFYUm1hV3hsY3k1amIyMHZabWxzWlhNdmRuZHVNM1I0WW1jdw==&type=YXJjaGl2ZQ==  (ahr0cdovl2rlcg9zaxrmawxlcy5jb20vzmlszxmvdndum3r4ymcw.exe)

0 / 68
http://loadmoney.ru/get_file?sid=2886&url=aHR0cDovL21pY3Jvc29mdHBvcnRhbC5uZXQvZW5naW5lL2Rvd25sb2FkLnBocD9pZD0xODk=&name=c3RhcnRtZW51LXNldHVwLmV4ZQ==&size=Mzc2NjMyOA==  (startmenu-setup.exe)

February 24, 2016
dl.loadmoney.ru

URL:
http://loadmoney.ru/

Google Analytics:
UA-31713205

Title:
“LoadMoney.Ru - партнерская программа”

Web server:
QRATOR (PHP/5.4.45)

Facebook:
Likes:  1
Shares:  11

Statistics above are for the previous month of March 2024.

bytedrive.ru

giga-delivery.ru

home-download.ru

iron-share.ru

personal-disk.ru

rapid-cdn.ru

webstorage1.ru

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.