home

videooizleyin.com

whoisprotection biz

Domain Information

The domain videooizleyin.com registered by whoisprotection biz was initially registered in January of 2015 through FBS INC.. Currently this domain has been known to host various forms of malware. The hosted servers are located in Nicosia, Nicosia within CY which resides on the RIPE Network Coordination Centre network.
Registrar:
FBS INC.

Server location:
Nicosia, CY (CY)

Create date:
Wednesday, January 28, 2015

Expires date:
Saturday, January 28, 2017

Updated date:
Friday, January 29, 2016

ASN:
AS51557 TR-FBS FBS BILISIM COZUMLERI TIC LTD STI.,TR

Whois:
2 videooizleyin.com records

Scanner detections:
Malware distribution  (100% detected)

Scan engine
Details
Detections

MicroWorld eScan
Gen:Variant.Symmi.48611, Gen:Variant.Symmi.49919
100.00%

nProtect
Trojan.Generic.12585790
100.00%

Quick Heal
TrojanDownloader.Murlo.clv.n3
100.00%

Malwarebytes
Trojan.Agent.KI
100.00%

Bitdefender
Gen:Variant.Symmi.48611, Gen:Variant.Symmi.49919
100.00%

Norman
VBTroj.VWAF
100.00%

avast!
Win32:Dropper-gen [Drp]
100.00%

Kaspersky
Trojan.Win32.VB
100.00%

Lavasoft Ad-Aware
Gen:Variant.Symmi.48611, Gen:Variant.Symmi.49919
100.00%

Comodo Security
TrojWare.Win32.Injector.DSTF
100.00%

F-Secure
Gen:Variant.Symmi.48611, Gen:Variant.Symmi.49919
100.00%

Dr.Web
Trojan.Siggen1.63828
100.00%

Zillya! Antivirus
Trojan.VB.Win32.131371
100.00%

Emsisoft Anti-Malware
Gen:Variant.Symmi.48611, Gen:Variant.Symmi.49919
100.00%

Avira AntiVirus
TR/Crypt.cfi.besd
100.00%

The domain videooizleyin.com has been seen to resolve to the following 2 IP addresses.

93.89.226.17
93-89-226-17.fbs.com.tr
January 29, 2016

95.85.10.32
May 5, 2015

File downloads found at URLs served by videooizleyin.com.

23 / 68    (Malware)
http://videooizleyin.com/dl.php  (install_flashplayer14x32_x64md_aaa_aih.exe)

23 / 68    (Malware)
http://videooizleyin.com/dl.php  (install_flashplayer14x32_x64md_aaa_aih.exe)

24 / 68    (Malware)
http://videooizleyin.com/dl.php  (install_flashplayer14x32_x64md_aaa_aih.exe)

The following 42 files have been seen to comunicate with videooizleyin.com in live environments.

TCP » 93.89.226.17:80
ContentFinder.exe (ContentFinder by ContentFinder Software)

TCP » 93.89.226.17:80
ContentSinder.exe (ContentSinder by ContentSinder Company)

TCP » 93.89.226.17:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 93.89.226.17:80
uran.exe (Uran by uCoz Media and Chromium Authors)

TCP » 93.89.226.17:80
ContentFinder.exe (ContentFinder by ContentFinder Company)

TCP » 93.89.226.17:80
genupdater.exe

TCP » 93.89.226.17:80
adobe online.com

TCP » 93.89.226.17:80
mobogeniehelper.exe

TCP » 93.89.226.17:80
ContentFinder.exe (ContentFinder by DigitalSoftware Group)

TCP » 93.89.226.17:80
rocketdock.exe

TCP » 93.89.226.17:80
pbiiuvda.exe

TCP » 93.89.226.17:80
winrar4.exe (AsiM0us3 by Asiturk)

TCP » 93.89.226.17:80
windefender.exe (Defend Center)

TCP » 93.89.226.17:80
updates.exe

TCP » 93.89.226.17:80
USBGuard.EXE (USBGuard Application by Zbshareware Lab)

TCP » 93.89.226.17:80
msiql.exe

TCP » 93.89.226.17:80
adobe online.com

TCP » 93.89.226.17:80
DrvUpdater.exe (DRP Su Updater)

TCP » 93.89.226.17:80
service.exe

TCP » 93.89.226.17:80
service.exe

 
Latest 20 of 42 files

May 5, 2015
www.videooizleyin.com

URL:
http://videooizleyin.com/

Title:
“Untitled Page”

Web server:
Microsoft-IIS/7.5 (ASP.NET) (Version: 2.0.50727)

bufiyataolmaz.com

hotvideo.website

sxe-anticheat.org

tuxcswjc.website

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.