home

a.contract-your.xyz

Domain Information

Server location:
Dublin City, Ireland (IE)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:
contract-your.xyz

Scanner detections:
Malware distribution  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.Win.Reputation.IMP
100.00%

The domain a.contract-your.xyz has been seen to resolve to the following 6 IP addresses.

185.28.193.192
192.193.28.185.gransy.com
June 19, 2016

31.170.178.179
June 19, 2016

54.72.130.67
ns1.ibspark.com
April 9, 2016

52.27.23.115
ec2-52-27-23-115.us-west-2.compute.amazonaws.com
June 28, 2015

52.26.202.175
ec2-52-26-202-175.us-west-2.compute.amazonaws.com
June 28, 2015

52.10.67.234
ec2-52-10-67-234.us-west-2.compute.amazonaws.com
June 28, 2015

File downloads found at URLs served by a.contract-your.xyz.

1 / 68      (Malware)
http://a.contract-your.xyz/hp/?q=jqXF6Dyo8hOoABCDWYRKZwIgIJnfo8EOEz8nJRnQQqIDSR51Lb0Tz05PsoYOzHqjpitUphk4Ata5lJ5Fam7xL4A8OcBYOw44R3PFcA6sLC0WckrmwN9TbNkIPX VVNWJ8L5nGPPRXM/.../t8dtb  (download.exe)

1 / 68      (Malware)
http://a.contract-your.xyz/hp/?q=k9k79xXNY3AfKYSUMOHqAj7v1ZEVNa3Co9UFj534j8uXDCzspg5pQp4UNZxCSJWijt/GFpeFkUlbBBAREDqSMgQaBDcAaay7bBX6BIWiEIwJSVNREM9vQz67tquX1lRqKOW Kl87t08seLUWdRh/CfWIzCo30KN6dPHum6 FfKIB/.../Y8Etb9  (b44a5f9c9133538b.exe)

1 / 68      (Malware)
http://a.contract-your.xyz/hp/?q=Ll3ZVWqku5Pp0tvqom2SoSiAwnXVfoBosZcrjB nsCl8v804 W2rbFm1MQriiNGuODjnNsNmELVIoUjx xbboSzhp/Rk//jrdsi9jI37mnZQnONonztz1ZGmN2NCH0Hl1uWT9QB/.../M3wfC6qiyZ PXFqbS7Hyc87TGsUqsDppzSaM2OtxFywRaaduE9eD3 vgpLQJib3uRC1XJJaDqCvqRC17F dP4WGgXEAsR5gnocOaqnPFc9eJbne 1Yjn  (download.exe)

1 / 68      (Malware)
http://a.contract-your.xyz/hp/?q=1ES BNZGqw12dG xztk5AjmfdxkFYBbfcASs/1a/WlOSSGcA/o7Slk/LfkEQvogA7pxMxAZ l9t75tmq2hAvjCOc6mAvKZQaerhdFsdhqrX1QRQZsJ7NazkmsEeLU8Ua0fCXsi5kRsUDyQOOPjguhzh8WjuZonQI7CayacWbFzvs OUEYen4eOl9hTYzbN2I/DTiD G9vZ FD6r4zSukFSx17poapvaSFVEs8TykMrHhhGvfk4pz/Du7D8yh AXk9sGfT/.../fnTaNYK  (download.exe)

The following 161 files have been seen to comunicate with a.contract-your.xyz in live environments.

TCP » 54.72.130.67:80
simplefilesupdater.exe (SimpleFiles Application by http://simple-files.com/)

TCP » 54.72.130.67:80
yourfileupdater.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
uninstall12590625.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
uninstall5322109.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
yourfileupdater.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
uninstall190602.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
yourfileupdater.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
googleupdate.exe

TCP » 54.72.130.67:80
browserserver.exe

TCP » 54.72.130.67:80
sm.exe (System Monitor)

TCP » 54.72.130.67:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.72.130.67:80
uninstall129231.exe (SimpleFiles Application by http://simple-files.com/)

TCP » 185.28.193.192:80
mdquickyksvc.exe (ModenQuick Service by PT. USENET)

TCP » 185.28.193.192:80
mdruyksvc.exe (ModernRu Service by PT. USENET)

TCP » 54.72.130.67:80
sfupdater.exe (SimpleFiles Application by http://simple-files.com/)

TCP » 54.72.130.67:80
kometa.exe (Kometa by @COMPANY_FULLNAME@)

TCP » 54.72.130.67:80
TBNotifier.exe (Ask TBNotifier by APN)

TCP » 54.72.130.67:80
pepperzip.exe

TCP » 54.72.130.67:80
internetenhancer.exe (Internet Enhancer)

TCP » 54.72.130.67:80
ssn.exe (ssn)

 
Latest 20 of 175 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.