home

unikey.vn

Domain Information

Server location:
Ho Chi Minh, Vietnam (VN)

ASN:
AS18403 FPT-AS-AP The Corporation for Financing & Promoting Technology, VN

Scanner detections:
Malware distribution  (70% detected)

Scan engine
Details
Detections

ESET NOD32
Win32/VB.OSK trojan, Win32/Sality.NBA virus, Win32/Neshta.A virus
50.00%

avast!
Win32:VB-OJQ [Wrm], Win32:SaliCode, Win32:Kukacka, Win32:Sality, Win32:Crypt-SKC [Trj]
50.00%

Norman
Trojan.Generic.6753864, Win32.Sality.3, Gen:Variant.Razy.16614, Win32.Neshta.A
50.00%

Microsoft Security Essentials
Threat.Undefined
47.37%

F-Prot
W32/VB.AD.gen, W32/Sality.gen2, W32/Sality.E.gen, W32/Virut.AI!Generic, W32/HLLP.41472
47.37%

Dr.Web
Trojan.Siggen6.54687, Win32.Sector.30, Win32.HLLP.Neshta
42.11%

Emsisoft Anti-Malware
Trojan.Generic.6753864, Win32.Sality, Gen:Variant.Razy.16614, Worm.Generic.605224
42.11%

Reason Heuristics
Threat.Win.Reputation.IMP
42.11%

AVG
Win32/Sality, Worm/Delf.FF
34.21%

Kaspersky
Trojan.Win32.Swisyn, Virus.Win32.Sality, Virus.Win32.Neshta
31.58%

McAfee
Virus.W32/Swisyn.ag, Virus.W32/Sality.gen.z
21.05%

VIPRE Antivirus
Threat.4276445, Threat.4721115, Threat.4763461
15.79%

F-Secure
Win32.Sality.3, Trojan.Generic.6753864
10.53%

Qihoo 360 Security
HEUR/QVM06.1.0000.Malware.Gen
5.26%

Sophos
Virus 'Mal/Sality-D'
2.63%

The domain unikey.vn has been seen to resolve to the following 4 IP addresses.

104.28.18.3
April 7, 2016

104.28.19.3
April 7, 2016

192.185.143.125
192-185-143-125.unifiedlayer.com
April 30, 2014

210.245.90.209
210-245-90-209.shared.hostvn.net
January 1, 2014

File downloads found at URLs served by unikey.vn.

1 / 68      (Malware)
http://unikey.vn/download/.../UniKey-4.2RC4-140823-Setup_x32.exe  (478d1ef9192a0b68e7f45043728cef2d)

0 / 68
http://unikey.vn/vietnam/.../UniKey-4.0RC2-1101-Setup_x64.exe  (54f333a634b9714639978075831004f1)

0 / 68
http://unikey.vn/vietnam/.../UniKey-4.0RC2-1101-Setup.exe  (9cd1be5189bbb9272a12e977e3bc0a04)

0 / 68
http://unikey.vn/download/.../UniKey-4.2RC4-140823-Setup_x64.exe  (ecb4b6197a2ee0b552411f01c0fea016)

2 / 68      (inconclusive)
http://unikey.vn/.../UniKey-4.0RC2-1101-Setup.exe  (7fafbd7f703b1d7456aac636d34fb8d8)

1 / 68      (Malware)
http://unikey.vn/download/.../UniKey-4.2RC4-140823-Setup_x64.exe  (bcaafe00c5afef0ddeb0583dc2f12ce9)

6 / 68      (Malware)
http://unikey.vn/download/.../UniKey-4.2RC4-140823-Setup_x32.exe  (85de26d5f543d3f115849a6cfbf09732)

7 / 68      (Malware)
http://unikey.vn/.../UniKey-4.0RC2-1101-Setup_x64.exe  (5441e8d8a41976393355b15c31cddbf5)

0 / 68
http://unikey.vn/download/.../unikey42RC4-140823-win64.zip  (unikey-win64.zip)

The following file have been seen to comunicate with unikey.vn in live environments.

TCP » 210.245.90.209:80
UCBrowser.exe (UC Browser by UCWeb)

bagas31.com

just-aion.net

k4hlw.com

mayincugiare.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.