» www.studentenwerk-magdeburg.de
Overview
Analysis
IPs Addresses (1)
Downloads (4)

www.studentenwerk-magdeburg.de

Domain Information

Server location:

Sachsen-Anhalt, Germany (DE)

ASN:

AS680 DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE

Root domain:

studentenwerk-magdeburg.de

Scanner detections:

Malware distribution (100% detected)

Scan engine

Details

Detections

MicroWorld eScan

Gen:Variant.Graftor.140025, Gen:Variant.Kazy.383398, Gen:Variant.Symmi.42260

75.00%

Quick Heal

TrojanDownloader.Upatre.A4, Trojan.Inject.r3, Virtool.Ceeinject.WR4

75.00%

Zillya! Antivirus

Trojan.Sharik.Win32.665, Trojan.Injector.Win32.254812, Trojan.Sharik.Win32.945

75.00%

K7 AntiVirus

Trojan

75.00%

Agnitum Outpost

Trojan.Sharik, Trojan.Inject

75.00%

ESET NOD32

Win32/Injector.BCTU (variant), MSIL/Injector.DMI (variant), Win32/Injector.BCUS (variant)

75.00%

Trend Micro House Call

TROJ_INJECT.SMO1, TROJ_SPNR.09E214, TROJ_MALKRYP.SM1

75.00%

avast!

Win32:Zbot-TTX [Trj], Win32:Rootkit-gen [Rtk], Win32:Agent-ATNK [Trj]

75.00%

Kaspersky

HEUR:Trojan.Win32.Generic, Trojan.Win32.Sharik

75.00%

Bitdefender

Gen:Variant.Graftor.140025, Gen:Variant.Kazy.383398, Gen:Variant.Symmi.42260

75.00%

NANO AntiVirus

Trojan.Win32.Tishop.cwzvkw, Trojan.Win32.Inject.cyjonz, Trojan.Win32.Sharik.cwzioc

75.00%

Lavasoft Ad-Aware

Gen:Variant.Graftor.140025, Gen:Variant.Kazy.383398, Gen:Variant.Symmi.42260

75.00%

Comodo Security

UnclassifiedMalware, TrojWare.Win32.Injector.BEJX

75.00%

F-Secure

Gen:Variant.Graftor.140025, Gen:Variant.Kazy.383398, Gen:Variant.Symmi.42260

75.00%

Dr.Web

Trojan.DownLoad3.35002, Trojan.PWS.Panda.5841, Trojan.PWS.Panda.5676

75.00%

The domain www.studentenwerk-magdeburg.de has been seen to resolve to the following IP address.

141.44.1.45

www12.ovgu.de

April 15, 2016

File downloads found at URLs served by www.studentenwerk-magdeburg.de.

35 / 68 (Malware)

http://www.studentenwerk-magdeburg.de/?zom69sgq6rcz=526841ae41a (beautiful_photo_album.jpg.exe)

32 / 68 (Malware)

http://www.studentenwerk-magdeburg.de/?zom69sgq6rcz=526841ae41a ({blocked}.exe)

1 / 68 (Malware)

http://www.studentenwerk-magdeburg.de/?ikvm2knpa=09bd66e1b9efc70793e3b8 ({blocked}.exe)

35 / 68 (Malware)

http://www.studentenwerk-magdeburg.de/?r9s4t2otpf8s1=1ed7ac4ce5d22 (beautiful_photo_album.jpg.exe)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.