» moontools.de
Overview
Analysis
IPs Addresses (2)
Downloads (4)
Subdomains (1)
Related Domains (1)

moontools.de

Domain Information

Server location:

Michigan, United States (US)

Scanner detections:

Malware distribution (100% detected)

Scan engine

Details

Detections

VIPRE Antivirus

Trojan.Win32.Generic

100.00%

ESET NOD32

MSIL/MoonTools (variant), MSIL/MoonTools.A potentially unsafe, MSIL/MoonTools.A potentially unsafe (variant)

100.00%

Trend Micro House Call

TROJ_GEN.R0CBB01K813, TROJ_GEN.R0C1C0OD115, TROJ_GE.936689D2

75.00%

Baidu Antivirus

Trojan.MSIL.MoonTools, Hacktool.MSIL.MoonTools

75.00%

NANO AntiVirus

Trojan.Win32.Agent.dkkhao

75.00%

Qihoo 360 Security

HEUR/Malware.QVM06.Gen, HEUR/QVM03.0.Malware.Gen

75.00%

McAfee

RDN/Generic.hra!bp, Artemis!05E0D61AC33B

50.00%

Comodo Security

UnclassifiedMalware

50.00%

Fortinet FortiGate

MSIL/MoonTools.A

50.00%

K7 AntiVirus

Unwanted-Program

50.00%

avast!

Win32:Malware-gen

50.00%

Bkav FE

W32.Clod196.Trojan

25.00%

Norman

Suspicious_Gen4.EZOSG

25.00%

Sophos

Generic PUA OI

25.00%

Panda Antivirus

Suspicious file

25.00%

The domain moontools.de has been seen to resolve to the following 2 IP addresses.

198.38.82.128

mocha2004.mochahost.com

May 5, 2015

212.1.215.234

srv215-234.hosting24.com

January 23, 2014

File downloads found at URLs served by moontools.de.

8 / 68 (PUP)

http://moontools.de/.../1.5.php (MoonTools.exe)

16 / 68 (PUP)

http://moontools.de/.../1.2.php (download1.2.exe)

12 / 68 (Malware)

http://moontools.de/.../1.4.php (download1.4.exe)

11 / 68 (Malware)

http://moontools.de/.../1.5.php (moontools.exe)

Subdomains

January 23, 2014

www.moontools.de

Related Domains

servertq.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.