home

vkmusic.ru

Dotcom Workshop LTD.

Domain Information

The domain vkmusic.ru registered by Dotcom Workshop LTD. was initially registered in August of 2011 through RU-CENTER-REG-RIPN. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Pokrovka, Primor'Ye within Russia which resides on the RIPE Network Coordination Centre network.
Registrar:
RU-CENTER-RU

Server location:
Primor'Ye, Russia (RU)

Create date:
Tuesday, August 16, 2011

Expires date:
Tuesday, August 16, 2016

ASN:
AS42244 ESERVER Hosting Operator eServer.ru Ltd.,RU

Whois:
3 vkmusic.ru records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Pentagon.M, PUP.Pentagon.Installer (M)
100.00%

ESET NOD32
MSIL/VKPentago, MSIL/VKPentago (variant)
83.33%

McAfee
Artemis!C1099C5F96EA, Artemis!5F2FC894AD67, Artemis!63925217310B
66.67%

K7 AntiVirus
Unwanted-Program , Trojan
66.67%

Trend Micro House Call
TROJ_GEN.R0CBH07BP14, TROJ_GEN.R02SH05JR14, TROJ_GEN.R002H05HM14
66.67%

Sophos
Generic PUA LH, Generic PUA EL, Generic PUA MP
66.67%

Kaspersky
not-a-virus:HEUR:Downloader.Win32.LMN
33.33%

Vba32 AntiVirus
Signed-Downware.ZvuZona
33.33%

nProtect
Trojan.GenericKD.1832955, Trojan.GenericKD.1825963
33.33%

Bitdefender
Trojan.GenericKD.1832955, Trojan.GenericKD.1825963
33.33%

Lavasoft Ad-Aware
Trojan.GenericKD.1832955, Trojan.GenericKD.1825963
33.33%

F-Secure
Trojan.GenericKD.1832955, Trojan.GenericKD.1825963
33.33%

Dr.Web
Adware.Downware.5217
33.33%

Emsisoft Anti-Malware
Trojan.GenericKD.1832955, Trojan.GenericKD.1825963
33.33%

G Data
Trojan.GenericKD.1832955, Trojan.GenericKD.1825963
33.33%

The domain vkmusic.ru has been seen to resolve to the following 2 IP addresses.

185.22.234.189
hosted-by.ihc.ru
April 4, 2016

46.254.19.209
hosted-by.ihc.ru
May 5, 2014

File downloads found at URLs served by vkmusic.ru.

10 / 68    (PUP)
http://vkmusic.ru/VKMUSICsetup.exe  (ca469e6ba8f195b0cda7ede416abc3c2)

1 / 68      (PUP)
http://vkmusic.ru/VKMUSICsetup.exe  (de480e223a877f13eb26300da2eddc43)

19 / 68    (PUP)
http://vkmusic.ru/VKMUSICsetup.exe  (63925217310bba7922b9892ad32f9d03)

15 / 68    (PUP)
http://vkmusic.ru/VKMUSICsetup.exe  (5f2fc894ad67d692973b0629d5ed3295)

2 / 68      (PUP)
http://vkmusic.ru/VKMUSICsetup.exe  (574dd3bab23f1fc2dd0201a86bf90ed5)

8 / 68      (PUP)
http://vkmusic.ru/VKMUSICsetup.exe  (c1099c5f96ea16279f16630537c454ef)

The following 10 files have been seen to comunicate with vkmusic.ru in live environments.

TCP » 185.22.234.189:80
FunSpace.Update.Process.exe (VKMusic Update process by LLC Pentagon)

TCP » 46.254.19.209:80
VKMusic.exe (VKMusicPlayer by LLC Pentagon)

TCP » 185.22.234.189:443
FunSpace.Update.Process.exe (VKMusic Update process by LLC Pentagon)

TCP » 185.22.234.189:80
VKMusic.exe (VKMusicPlayer by LLC Pentagon)

TCP » 185.22.234.189:443
VKMusic.exe (VKMusicPlayer by LLC Pentagon)

TCP » 185.22.234.189:80
FunSpace.Update.exe (FunSpace.Update)

TCP » 46.254.19.209:80
VKMusic.exe (VKMusicPlayer by LLC Pentagon)

TCP » 46.254.19.209:80
VKMusic.exe (VKMusicPlayer by LLC Pentagon)

TCP » 185.22.234.189:80
FunSpace.Update.exe (FunSpace.Update)

TCP » 185.22.234.189:443
FunSpace.Update.exe (FunSpace.Update)

TCP » 185.22.234.189:80
FunSpace.Update.Process.exe (VKMusic Update process by LLC Pentagon)

TCP » 185.22.234.189:443
FunSpace.Update.Process.exe (VKMusic Update process by LLC Pentagon)

TCP » 185.22.234.189:80
VKMusicSetup.exe (VKMusicPlayer by LLC Pentagon)

TCP » 185.22.234.189:80
VKMusicSetup.exe (VKMusicPlayer by LLC Pentagon)

April 4, 2016
app.vkmusic.ru

URL:
http://vkmusic.ru/

Title:
“VKmusic - программа для скачивания музыки Вконтакте”

Description:
“VKmusic - удобная, легкая, бесплатная программа для скачивания музыки вконтакте. Быстрый поиск и удобный плеер. VKmusic - лучший способ скачать музыку с вконтакте”

Web server:
nginx/1.0.15 (PHP/5.6.14)

Facebook:
Likes:  85
Shares:  868
Comments:  7

Statistics above are for the previous month of March 2024.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.