home

melauto.it

Melauto di Melina Vincenzo e Maurizio & C. S.a.s.

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Siena, Toscana within Italy which resides on the RIPE Network Coordination Centre network.
Server location:
Toscana, Italy (IT)

ASN:
AS31034 ARUBA-ASN Aruba S.p.A.

Whois:
2 melauto.it records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Baidu Antivirus
Adware.Win32.Server-Web
100.00%

ESET NOD32
Win32/Server-Web.HFS (variant)
100.00%

Reason Heuristics
Threat.Win.Reputation.IMP
100.00%

K7 AntiVirus
Trojan
100.00%

Kaspersky
not-a-virus:Server-FTP.Win32.SFH
100.00%

Sophos
Generic PUA NG
100.00%

AhnLab V3 Security
Trojan/Win32.Generic
100.00%

IKARUS anti.virus
not-a-virus:Server-FTP.Win32.SFH
100.00%

Fortinet FortiGate
Riskware/SFH
100.00%

The domain melauto.it has been seen to resolve to the following 8 IP addresses.

62.149.128.74
mxd5.aruba.it
February 7, 2014

62.149.128.157
mxd8.aruba.it
February 7, 2014

62.149.128.160
mxd1.aruba.it
February 7, 2014

62.149.128.166
mxd3.aruba.it
February 7, 2014

62.149.128.154
mxd7.aruba.it
February 7, 2014

62.149.128.151
mxd6.aruba.it
February 7, 2014

62.149.128.163
mxd2.aruba.it
February 7, 2014

62.149.128.72
mxd4.aruba.it
February 7, 2014

File downloads found at URLs served by melauto.it.

9 / 68      (PUP)
http://melauto.it/.../hfs.exe  (52364cf04ff8fb1834971de14ec7a7e3)

The following 18 files have been seen to comunicate with melauto.it in live environments.

TCP » 62.149.128.154:80
produpd.exe (produpd.exe by Vested Development, Inc)

TCP » 62.149.128.166:25
init.exe

TCP » 62.149.128.157:25
www.exe

TCP » 62.149.128.157:80
ContentFinder.exe (ContentFinder by ContentFinder Software)

TCP » 62.149.128.163:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 62.149.128.151:25
init.exe

TCP » 62.149.128.151:25
www.exe

TCP » 62.149.128.157:25
wrk.exe

TCP » 62.149.128.151:80
produpd.exe (produpd.exe by Vested Development, Inc)

TCP » 62.149.128.160:25
wrk.exe

TCP » 62.149.128.151:80
ContentFinder.exe (ContentFinder by ContentFinder Company)

TCP » 62.149.128.154:25
www.exe

TCP » 62.149.128.160:25
init.exe

TCP » 62.149.128.160:25
www.exe

TCP » 62.149.128.163:25
wrk.exe

TCP » 62.149.128.166:80
produpd.exe (produpd.exe by Vested Development, Inc)

TCP » 62.149.128.154:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 62.149.128.157:80
ContentFinder.exe (ContentFinder by ContentFinder Company)

TCP » 62.149.128.160:80
ContentFinder.exe (ContentFinder by DigitalSoftware Group)

TCP » 62.149.128.163:25
init.exe

 
Latest 20 of 35 files

February 7, 2014
www.melauto.it

URL:
http://melauto.it/

Title:
“di Melina V. e M. & C. S.a.s.”

Web server:
Apache/2.2

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.