home

www.thursaaw.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:
thursaaw.com

Scanner detections:
Malware distribution  (65% detected)

Scan engine
Details
Detections

McAfee
W32/Gnamer, Artemis!72CB31555DA5, Artemis!0756591F5975, Virus.W32/Swisyn.ai, Virus.W32/Sality.gen.z
64.29%

Dr.Web
Trojan.Inject1.28681, riskware program Program.Unwanted.493, Trojan.InstallCore.978, Trojan.VbCrypt.250, Win32.Sector.30
64.29%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A, Virus:Win32/Grenam.A, Threat.Undefined
57.14%

avast!
Win32:Agent-AODJ [Trj], Win32:Malware-gen, Win32:VB-OJQ [Wrm], Win32:Sality, Win32:Kukacka
57.14%

Kaspersky
Virus.Win32.Renamer, not-a-virus:AdWare.Win32.Pibee, Trojan.Win32.Agent, Virus.Win32.Sality
57.14%

ESET NOD32
Detection.Undefined, Win32/InstallCore.ACY.gen potentially unwanted application, Win32/VB.QOT trojan, Win32/Sality.NBA virus
50.00%

F-Prot
W32/Renamer.A.gen, W32/Sality.gen2
42.86%

Reason Heuristics
PUP.Reimage (L), Adware.Bundler (M), Threat.Win.Reputation.IMP
42.86%

F-Secure
Application:W32/Generic.70053c248f!Online, Variant.Graftor.128283, Win32.Sality.3
35.71%

Norman
Renamer.M, Win32.Sality.3
35.71%

Trend Micro House Call
TROJ_AGENT_005249.TOMB, Suspicious_GEN.F47V0520, PUA_INSTACOR
28.57%

Emsisoft Anti-Malware
Worm.Generic.377772, Gen:Variant.Graftor.128283, Win32.Sality
28.57%

VIPRE Antivirus
Virus.Win32.Grenam.a, Trojan.Win32.Generic, Threat.4758034
28.57%

Sophos
Troj/Eloigne-L, W32/Renamer-K, Install Core (PUA), Virus 'Mal/Sality-D'
28.57%

Baidu Antivirus
Worm.Win32.Delf, PUA.Win32.ReImageRepair, Adware.Win32.Agent, Adware.Win32.InstallCore
28.57%

The domain www.thursaaw.com has been seen to resolve to the following IP address.

52.35.105.138
ec2-52-35-105-138.us-west-2.compute.amazonaws.com
April 12, 2016

File downloads found at URLs served by www.thursaaw.com.

0 / 68
http://www.thursaaw.com/.../installer.exe  (6e4a3cca8ae4516c72f5511ac8539145)

11 / 68    (Infected)
http://www.thursaaw.com/.../installer.exe  (28edfbfaee34a142dcf2f1a62723cf97)

0 / 68
http://www.thursaaw.com/.../installer.exe  (319719f936a5ef16c45acd681dc5894f)

0 / 68
http://www.thursaaw.com/.../installer.exe  (2de4a01f0b3632cfce64da4e3404a2fe)

17 / 68    (PUP)
http://www.thursaaw.com/.../installer.exe  (0756591f597552415e42b0781d2e4811)

0 / 68
http://www.thursaaw.com/.../installer.exe  (0021a5dbdafbe841d9c9419a2131ce84)

0 / 68
http://www.thursaaw.com/.../installer.exe  (95f2e25e44b9d6a3b4598af21f4409e4)

2 / 68      (false positives)
http://www.thursaaw.com/.../installer.exe  (wrar420.exe)

10 / 68    (Infected)
http://www.thursaaw.com/.../installer.exe  (11457a44d8d6a118a80a7005a255b8f9)

10 / 68    (Malware)
http://www.thursaaw.com/.../installer.exe  (2aac0e28c4468c83359cc7414fe9ca50)

10 / 68    (PUP)
http://www.thursaaw.com/.../installer.exe  (reimagerepair.exe)

1 / 68      (Malware)
http://www.thursaaw.com/.../installer.exe  (40910ee4e22d905a0a5c137ce6a378d3)

0 / 68
http://www.thursaaw.com/.../installer.exe  (ed83cf4b6947217d78f507a6cbaeeda6)

8 / 68      (Malware)
http://www.thursaaw.com/.../installer.exe  (c30ae6231eeadd5fe55d4c422f89f858)

38 / 68    (PUP)
http://www.thursaaw.com/.../installer.exe  (epm.exe)

9 / 68      (Infected)
http://www.thursaaw.com/.../installer.exe  (22acf4353875f13e3037d3dc65db74c3)

1 / 68      (Malware)
http://www.thursaaw.com/.../installer.exe  (62fb51f15087ba5c66fca78215d8349d)

35 / 68    (Malware)
http://www.thursaaw.com/.../installer.exe  (uninst.exe)

1 / 68      (Malware)
http://www.thursaaw.com/.../installer.exe  (76d3ba27f4a80aaf0172060fec1631e2)

1 / 68      (Malware)
http://www.thursaaw.com/.../installer.exe  (2fa8da2842f810eb41c511282ee7bbe7)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.