rudn3.carambis.com

Media Fog Ltd

Domain Information

The domain rudn3.carambis.com registered by Media Fog Ltd was initially registered in August of 2008 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Sloboda, Voronezh within Russia which resides on the RIPE Network Coordination Centre network.
Remove Malware from rudn3.carambis.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Voronezh, Russia (RU)

Create date:
Wednesday, August 06, 2008

Expires date:
Saturday, August 06, 2016

Updated date:
Monday, July 06, 2015

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.ROSTPAY.AA, PUP.Installer.ROSTPAY.i, PUP.Installer.ROSTPAY.DD, PUP.Installer.ROSTPAY.CC, PUP.Installer.ROSTPAY.BB, PUP.MediaFrog.ROSTPAY.Installer (M)
94.44%

ESET NOD32
Win32/Bundled.Toolbar.Ask (variant)
38.89%

Dr.Web
Program.Unwanted.271, Program.Unwanted.328
33.33%

avast!
Win32:PUP-gen [PUP], Win32:Agent-AYCR [PUP]
27.78%

Trend Micro House Call
TROJ_GEN.F47V1103, Suspicious_GEN.F47V0302
11.11%

Baidu Antivirus
Hacktool.Win32.Bundled.BToolbar
5.56%

herdProtect (fuzzy)
a variant of b1882d752cf8263ffee3d3eceaf7144f79762d36
5.56%

K7 Gateway Antivirus
Riskware
5.56%

K7 AntiVirus
Riskware
5.56%

The domain rudn3.carambis.com has been seen to resolve to the following 2 IP addresses.

server9.ext.freeteam.org
October 13, 2015

server9.freeteam.org
May 1, 2014

File downloads found at URLs served by rudn3.carambis.com.

3 / 68      (PUP)

1 / 68      (PUP)

3 / 68      (PUP)

3 / 68      (PUP)

1 / 68      (PUP)

4 / 68      (PUP)

2 / 68      (PUP)

3 / 68      (PUP)

2 / 68      (PUP)

4 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

3 / 68      (PUP)

3 / 68      (PUP)

2 / 68      (PUP)

2 / 68      (PUP)

2 / 68      (PUP)

2 / 68      (PUP)

2 / 68      (PUP)
http://rudn3.carambis.com/.../DriverUpdaterSetup-2.0.0.7614_ndtip.exe  (driverupdatersetup-2.0.0.7614+1397r07n04x92.exe)

The following file have been seen to comunicate with rudn3.carambis.com in live environments.

URL:
http://rudn3.carambis.com/

Google Analytics:
UA-753548

Title:
“Carambis software - all that you need!”

Web server:
nginx

Remove Malware from rudn3.carambis.com - Powered by Reason Core Security