malwr.com

Claudio Guarnieri

Domain Information

malwr.com is a fantastic malware research website built on the Cuckoo Sandbox. Users upload files and receive a full, detailed dynamic analysis of what each file does, including network activity and much more. Malwr was created and operated by Claudio "nex" Guarnieri and Alessandro "jekil" Tanasi and is powered by The Shadowserver Foundation. The domain malwr.com was initially registered by Claudio Guarnieri in March of 2010 through GANDI SAS. The servers are hosted in San Jose, California, in the United States, on the Hurricane Electric, Inc. network.
Registrar:
GANDI SAS

Server location:
California, United States (US)

Create date:
Tuesday, March 09, 2010

Expires date:
Wednesday, March 09, 2016

Updated date:
Wednesday, March 04, 2015

ASN:
AS6939 HURRICANE - Hurricane Electric, Inc.,US

Scanner detections:
Malware distribution  (78% detected)

Scan engine
Details
Detections

McAfee Web Gateway
Artemis!C6A0B1016CD8, BehavesLike.Win32.RAHack.nc, BehavesLike.Win32.Trojan.qm, BehavesLike.Win32.BackdoorNJRat.gc, Artemis!Trojan
87.50%

McAfee
Artemis!C6A0B1016CD8, generic!bg.ftt, Artemis!F99D5D0E6F9E, Artemis!6B65D5803184, GenericR-EZX!E822C6C07D88, BackDoor-EZG.b
75.00%

Trend Micro House Call
TROJ_GEN.F47V1219, TROJ_GEN.R01ZH09BB15, PAK_Generic.001, TROJ_GEN.F0C2C00AM15, TSPY_ZBOT.YUYAKU, BKDR_FYNLOS.SMIA
75.00%

AVG
MalSign.Adpeak, FakeAlert, Inject2, Atros, Zbot, Delf
75.00%

Microsoft Security Essentials
Adware:Win32/Adpeak, HackTool:Win32/Wincred.H, Trojan:Win32/Chanitor.A, Backdoor:Win32/Fynloski.K, PWS:Win32/Fareit, Backdoor:Win32/Fynloski.A
75.00%

Sophos
AdPeak, Troj/Agent-ALEF, Troj/MSIL-DTH, Troj/Fareit-TZ, Mal/DelfInj-A
62.50%

ESET NOD32
Win64/Adware.Adpeak (variant), Win32/Injector.BSXD, MSIL/Kryptik.DAI (variant), Win32/PSW.Fareit, Win32/Delf.OAZ
62.50%

VIPRE Antivirus
Adware.Adpeak, Trojan.Win32.Generic, Backdoor.Win32.Fynloski.A
62.50%

MicroWorld eScan
Gen:Variant.Graftor.Elzob.9261, Trojan.GenericKD.2084628, Trojan.GenericKD.2593985, Trojan.GenericKD.2859501, Backdoor.Fynloski.S
62.50%

avast!
Win32:Evo-gen [Susp], Win32:PePatch-P [Trj], Win32:Malware-gen, Win32:Flooder-GR [Trj]
62.50%

Bitdefender
Gen:Variant.Graftor.Elzob.9261, Trojan.GenericKD.2084628, Trojan.GenericKD.2593985, Trojan.GenericKD.2859501, Backdoor.Fynloski.S
62.50%

F-Secure
Gen:Variant.Graftor.Elzob.9261, Trojan.GenericKD.2084628, Trojan.GenericKD.2593985, Trojan.GenericKD.2859501, Backdoor.Fynloski.S
62.50%

Emsisoft Anti-Malware
Gen:Variant.Graftor.Elzob.9261, Trojan.GenericKD.2084628, Trojan.GenericKD.2593985, Trojan.GenericKD.2859501, Backdoor.Fynloski.S
62.50%

G Data
Gen:Variant.Graftor.Elzob.9261, Trojan.GenericKD.2084628, Trojan.GenericKD.2593985, Trojan.GenericKD.2859501, Backdoor.Fynloski
62.50%

Panda Antivirus
Trj/CI.A, Generic Suspicious, Generic Malware
62.50%

The domain malwr.com has been seen to resolve to the following 2 IP addresses.

cuckoo-prime.shadowserver.org
November 29, 2014

3-22-244-46.a2b-internet.com
February 1, 2014

File downloads found at URLs served by malwr.com.

0 / 68
https://malwr.com/analysis/file/NzhhOWU3YTUzYzZlNDM0YTliYjgxMDhkOTkwZmJhMzM/sample/.../  ({d2d8150c-a684-4a11-a6fd-044d076ae451}-f8990f71d53014ead02e13b4e063291d80dba9892b80843a9ffe007c81642)

URL:
http://malwr.com/

Google Analytics:
UA-30121810

Title:
“Malwr - Malware Analysis by Cuckoo Sandbox”

Description:
“Submit malware for free analysis with Cuckoo Sandbox”

SSL certificate subject:
CN=malwr.com, OU=Gandi Standard SSL, OU=Domain Control Validated

SSL certificate issuer:
CN=Gandi Standard SSL CA, O=GANDI SAS, C=FR

Web server:
nginx

Facebook:
Likes:  129
Shares:  136
Comments:  38

Twitter:
Shares:  346

Statistics above are for the previous month of November 2016.
