home

rudn2.carambis.com

Media Fog Ltd

Domain Information

The domain rudn2.carambis.com registered by Media Fog Ltd was initially registered in August of 2008 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Sloboda, Voronezh within Russia which resides on the RIPE Network Coordination Centre network.
Registrar:
GODADDY.COM, LLC

Server location:
Voronezh, Russia (RU)

Create date:
Wednesday, August 6, 2008

Expires date:
Saturday, August 6, 2016

Updated date:
Monday, July 6, 2015

ASN:
AS9002 RETN-AS RETN Limited

Root domain:
carambis.com

Whois:
2 carambis.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.ROSTPAY.BB, PUP.Installer.ROSTPAY.AA, PUP.Installer.ROSTPAY.CC, PUP.MediaFrog.ROSTPAY.Installer (M)
100.00%

ESET NOD32
Win32/Bundled.Toolbar.Ask (variant)
60.00%

Baidu Antivirus
Hacktool.Win32.Bundled.bToolbar
20.00%

The domain rudn2.carambis.com has been seen to resolve to the following 2 IP addresses.

46.46.160.233
February 4, 2016

87.245.204.36
server6.freeteam.org
December 2, 2014

File downloads found at URLs served by rudn2.carambis.com.

1 / 68      (PUP)
http://rudn2.carambis.com/.../InstallerDU-2.4.2.9633_windriver.exe  (installerdu-2.4.2.9633.exe)

1 / 68      (PUP)
http://rudn2.carambis.com/.../DriverUpdaterSetup-2.0.0.6002_btmdr.exe  (driverupdatersetup-2.0.0.6002.exe)

2 / 68      (PUP)
http://rudn2.carambis.com/SoftwareUpdaterSetup-2.0.0.1320.exe  (eaddb4fc4913e43e00de368e3e9e16a5)

3 / 68      (PUP)
http://rudn2.carambis.com/DriverUpdaterSetup-2.3.1.4215.exe  (092dfa5c359ee09224f9f1b7e553c2f3)

2 / 68      (PUP)
http://rudn2.carambis.com/.../DriverUpdaterSetupA-2.3.1.4215_drvnet.exe  (driverupdatersetupa-2.3.1.4215.exe)

The following 111 files have been seen to comunicate with rudn2.carambis.com in live environments.

TCP » 46.46.160.233:80
installerdu-2.4.2.9633.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
installerdu.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
installerdu-2.4.2.9633.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
installerdu-2.4.2.9633.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
ScreenShooter.exe (ScreenShooter by Carambis)

TCP » 46.46.160.233:80
installerdu.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
su-pro.exe (Carambis Software Updater Pro by ROSTPAY)

TCP » 46.46.160.233:80
dupdater.exe (Carambis Driver Updater by MEDIA FOG)

TCP » 46.46.160.233:80
installerdu-2.4.2.9633.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
driverupdater.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
installerdu-2.4.2.9633.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
installerdu-2.4.2.9633.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
carambiscleaner.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
installerdu-2.4.2.9633.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
installerdu-2.4.2.9633.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
installerdu-2.4.2.9633.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
installerdu-2.4.2.9633.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
installerdu-2.4.2.9633.exe (Carambis Installer by Carambis (ROSTPAY.))

TCP » 46.46.160.233:80
installerdu-2.3.1.7789.exe (Carambis Installer by Carambis (MEDIA FOG.))

TCP » 46.46.160.233:80
installercc-1.3.3.5315.exe (Carambis Installer by Carambis (ROSTPAY.))

 
Latest 20 of 111 files

URL:
http://rudn2.carambis.com/

Google Analytics:
UA-753548

Title:
“Carambis software - all that you need!”

Web server:
nginx

azfonts.net

carambis.fr

carambis.ru

dll.ru

nodevice.com

nodevice.fr

softlim.com

softsalad.com

softsalad.ru

techno-files.com

timeserver.ru

vpnservice.ru

windowsdrivers.ru

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.