» photolia.free.fr
Overview
Analysis
IPs Addresses (1)
Downloads (1)
Network (2)
Website Detail
Related Domains (1)

photolia.free.fr

FREE SAS (Proxy Registrant)

Domain Information

The domain photolia.free.fr is registered by proxy through ONLINE SAS. Currently this domain has been known to host various forms of malware. The hosted servers are located in Bezons, Ile-De-France within France which resides on the RIPE Network Coordination Centre network.

Registrant:

FREE SAS

Registrar:

ONLINE SAS

Server location:

Ile-De-France, France (FR)

ASN:

AS12322 PROXAD Free SAS

Root domain:

free.fr

Whois:

1 free.fr record

Scanner detections:

Malware distribution (100% detected)

Scan engine

Details

Detections

nProtect

Trojan/W32.Buzus.24064.AA

100.00%

McAfee

Generic.tra!b

100.00%

Malwarebytes

Trojan.Surebrec

100.00%

K7 AntiVirus

Trojan

100.00%

NANO AntiVirus

Trojan.Win32.Gendal.evgvx

100.00%

F-Prot

W32/Zbot.GH.gen

100.00%

Norman

Malware

100.00%

Trend Micro House Call

TROJ_GEN.R4AE1FF

100.00%

avast!

Win32:Downloader-FNL [Trj]

100.00%

Clam AntiVirus

Trojan.Buzus-9287

100.00%

Kaspersky

Trojan.Win32.Buzus

100.00%

Bitdefender

Trojan.Generic.5385962

100.00%

Agnitum Outpost

Trojan.Buzus

100.00%

ViRobot

Trojan.Win32.A.Buzus.15872

100.00%

Sophos

Mal/Inject-CEE

100.00%

The domain photolia.free.fr has been seen to resolve to the following IP address.

212.27.63.114

perso114-g5.free.fr

November 19, 2013

File downloads found at URLs served by photolia.free.fr.

39 / 68 (Malware)

http://photolia.free.fr/install_flash_player.exe (153f22623c2f1012ae4e7c88ba6020e1)

The following 2 files have been seen to comunicate with photolia.free.fr in live environments.

TCP » 212.27.63.114:80

online-guardian-v2.0.9.exe

TCP » 212.27.63.114:80

produpd.exe (produpd.exe by Vested Development, Inc)

URL:

http://photolia.free.fr/

Web server:

Apache/ProXad [Apr 20 2012 15:06:05]

Related Domains

online.fr

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.