home

mrhomepage.cdnmail.ru

Domain Information

Server location:
Moscow City, Russia (RU)

ASN:
AS47764 MAILRU-AS Limited liability company Mail.Ru

Root domain:
cdnmail.ru

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Rising Antivirus
PE:Trojan.RuMail!1.6574
100.00%

Reason Heuristics
PUP.Optional.MailRu.K
100.00%

The domain mrhomepage.cdnmail.ru has been seen to resolve to the following IP address.

94.100.180.110
moscow.cdnmail.ru
January 6, 2015

File downloads found at URLs served by mrhomepage.cdnmail.ru.

2 / 68      (PUP)
http://mrhomepage.cdnmail.ru/MRHomePage.exe  (1bfcd62d6d2fa2d792789ae07d9b640b)

The following 2556 files have been seen to comunicate with mrhomepage.cdnmail.ru in live environments.

TCP » 94.100.180.110:443
mrswitcher.exe (Mail.Ru Switcher by Mail.Ru)

TCP » 94.100.180.110:80
lz0pyia11di2.exe (MailRuSputnik)

TCP » 94.100.180.110:80
MailRuUpdater.exe (MailRuUpdater by Mail.Ru)

TCP » 94.100.180.110:80
mrupdater.exe.dul! (MailRuUpdater by Mail.Ru)

TCP » 94.100.180.110:443
amigo_bundle.exe (Mail.Ru Launcher by Mail.Ru)

TCP » 94.100.180.110:80
mrutmp.exe (MailRuUpdater by Mail.Ru)

TCP » 94.100.180.110:80
0kvsaydztly2.exe (Amigo@Mail.Ru by Mail.Ru)

TCP » 94.100.180.110:443
launcher.exe (Mail.Ru Launcher by Mail.Ru)

TCP » 94.100.180.110:80
assassins_creed_unity__v_1.5.0__dlcs__2014_pc__repack_ot_r.g._mehaniki.torrent.exe (PackageForTheWeb Stub by InstallShield Software)

TCP » 94.100.180.110:443
d004-88d9-f907-dfe3 (Amigo@Mail.Ru by Mail.Ru)

TCP » 94.100.180.110:443
thumbnail.exe (Kometa Start Button by Kometa LCC)

TCP » 94.100.180.110:80
sanonmp250.exe (PackageForTheWeb Stub by InstallShield Software)

TCP » 94.100.180.110:80
amigo.exe (Amigo by Mail.Ru)

TCP » 94.100.180.110:443
amigo_bundle.exe (Mail.Ru Launcher by Mail.Ru)

TCP » 94.100.180.110:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 94.100.180.110:443
amigo_bundle.exe (Mail.Ru Launcher by Mail.Ru)

TCP » 94.100.180.110:443
amigo_dkit.exe (Mail.Ru Launcher by Mail.Ru)

TCP » 94.100.180.110:80
free_minecraft_intro.exe (PackageForTheWeb Stub by InstallShield Software)

TCP » 94.100.180.110:443
amigo_bndl.exe (Mail.Ru Launcher by Mail.Ru)

TCP » 94.100.180.110:443
amigo_bndl.exe (Mail.Ru Launcher by Mail.Ru)

 
Latest 20 of 2,568 files

mail.ru

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.