The domain ni220471_1.vweb02.nitrado.net, registered by marbis GmbH, was first registered in January 2005 through CPS-DATENSYSTEME GMBH. The domain is currently known to host various forms of malware. The hosting servers are located in Malsch, Baden-Wurttemberg, Germany, on the RIPE Network Coordination Centre network.
Registrar: CPS-DATENSYSTEME GMBH
Server location: Baden-Wurttemberg, Germany (DE)
Create date: Friday, January 21, 2005
Expires date: Saturday, January 21, 2017
Updated date: Wednesday, January 6, 2016
ASN: AS34309 LINK11 Link11 GmbH,DE
Scanner detections: Malware distribution (87% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Emsisoft Anti-Malware | Gen:Variant.Symmi.58342, Gen:Variant.Symmi.59468, Trojan.GenericKD.2930311, Gen:Variant.Symmi.58343, Trojan.GenericKD.3000350 | 76.19% |
| MicroWorld eScan | Gen:Variant.Symmi.58342, Gen:Variant.Symmi.59468, Trojan.GenericKD.2930311, Gen:Variant.Symmi.58343, Trojan.GenericKD.3000350, Trojan.GenericKD.2969499, Gen:Variant.Midie.3118, Gen:Variant.Strictor.76556 | 71.43% |
| Bitdefender | Gen:Variant.Symmi.58342, Gen:Variant.Symmi.59468, Trojan.GenericKD.2930311, Gen:Variant.Symmi.58343, Trojan.GenericKD.3000350 | 71.43% |
| G Data | Gen:Variant.Symmi.58342, Gen:Variant.Symmi.59468, Trojan.GenericKD.2930311, Gen:Variant.Symmi.58343, Trojan.GenericKD.3000350 | 71.43% |
| F-Secure | Gen:Variant.Symmi.58342, Gen:Variant.Symmi.59468, Trojan.GenericKD.2930311, Gen:Variant.Symmi.58343, Trojan.GenericKD.3000350 | 71.43% |
| McAfee | Artemis!C78E15F23023, Artemis!296EDC3328A5, Artemis!0A4161E3F1A0, Artemis!4BE54D5E46DF, Artemis!ABF5794AEE21, Artemis!3F5B867C9F77, Artemis!0D47B2A4DD89, Artemis!0DA1E4AF5CB6 | 66.67% |
| Lavasoft Ad-Aware | Gen:Variant.Symmi.58342, Gen:Variant.Symmi.59468, Trojan.GenericKD.2930311, Trojan.GenericKD.3000350, Gen:Variant.Symmi.58343 | 61.90% |
| Avira AntiVirus | TR/Symmi.2397696, TR/Symmi.2386944.2, TR/Symmi.2402304, TR/Symmi.2396160.2, TR/Symmi.2394112.1, TR/Rogue.1626112.39, TR/Rogue.1661952.3 | 61.90% |
| Arcabit | Trojan.Symmi.DE3E6, Trojan.Symmi.DE84C, Trojan.Generic.D2CB687, Trojan.Symmi.DE3E7, Trojan.Generic.D2DC81E, Trojan.Generic.D2D4F9B | 61.90% |
| Qihoo 360 Security | Win32/Trojan.97a, HEUR/QVM19.1.Malware.Gen, HEUR/QVM33.0.Malware.Gen, Win32/Trojan.d6c | 57.14% |
| Bkav FE | W32.HfsAutoB | 42.86% |
| avast! | Win32:Evo-gen [Susp], Win32:Malware-gen, Win32:Apanas [Trj] | 42.86% |
| AhnLab V3 Security | Trojan/Win32.Gen, Malware/Gen.Generic | 42.86% |
| ESET NOD32 | Win32/Packed.Themida suspicious (variant) | 42.86% |
| Rising Antivirus | PE:Malware.Generic(Thunder)!1.A1C4 [F], PE:Malware.Generic/QRS!1.9E2D [F] | 42.86% |

The domain ni220471_1.vweb02.nitrado.net has been seen to resolve to the following IP address.
vweb02.nitrado.net
February 2, 2016
File downloads found at URLs served by ni220471_1.vweb02.nitrado.net.
URL: http://ni220471_1.vweb02.nitrado.net/