home

a.pomf.cat

Domain Information

Server location:
Illinois, United States (US)

ASN:
AS32181 ASN-GIGENET - GigeNET, US

Root domain:
pomf.cat

The domain a.pomf.cat has been seen to resolve to the following 3 IP addresses.

69.65.17.35
unknown.servernap.com
April 13, 2016

104.31.84.54
January 28, 2016

104.31.85.54
January 28, 2016

File downloads found at URLs served by a.pomf.cat.

0 / 68
https://a.pomf.cat/eiifdb.exe  (7c958be4bd88059f0c9979862a3d5697)

1 / 68      (inconclusive)
https://a.pomf.cat/slhwom.exe  (c94b62826d4c29da337910cc29307006)

1 / 68
https://a.pomf.cat/gmxgnu.exe  (f53311ad4fe979b4f776a2e380c93bda)

5 / 68      (Malware)
https://a.pomf.cat/osxhle.exe  (9924a2daf7991c391b8280c620aa3259)

4 / 68      (inconclusive)
https://a.pomf.cat/uqcbte.exe  (d041eaf0130774df4465d33f36c2fa70)

3 / 68      (inconclusive)
https://a.pomf.cat/hykrqb.exe  (bfe31a5f95201ab106ed25983a479cce)

6 / 68      (Malware)
https://a.pomf.cat/lgytnw.exe  (5adb6f962885886fb80f0f2a26b1b631)

3 / 68      (inconclusive)
https://a.pomf.cat/sosues.exe  (1d5f85988a0bb538d30ba29e8ebdf186)

3 / 68      (inconclusive)
https://a.pomf.cat/cbycrl.exe  (46b7c38eaa8602951b237c720f678644)

0 / 68
https://a.pomf.cat/gpphza.rbxl  (72a34398dd1e0565449d6113c31784fe)

0 / 68
http://a.pomf.cat/qbfnrr.exe  (5lyfr.exe)

0 / 68
https://a.pomf.cat/ivcwpr.apk  (ba5de1a26a198882dc864d77034e2870)

6 / 68      (Malware)
https://a.pomf.cat/qqzmjm.exe  (c1bfc5d6cb77e1f50a349d485ad12f25)

15 / 68    (Malware)
https://a.pomf.cat/xvhvef.exe  (d59147236cb9ed2474822b0998e7f945)

12 / 68    (Malware)
https://a.pomf.cat/fjinwq.exe  (aac26aac299d4ac49617deeabedfe4b1)

0 / 68
https://a.pomf.cat/bpyjoh.exe  (1h4g8zp.exe)

0 / 68
https://a.pomf.cat/qfrubf.webm  (05006f565b89a7e0c11cb3ed10124057)

0 / 68
https://a.pomf.cat/qgqnld.zip  (fde909852d48292dd361b85e2f2aa68a)

The following 4 files have been seen to comunicate with a.pomf.cat in live environments.

TCP » 69.65.17.35:443
zcashapplication.exe (System Host)

TCP » 69.65.17.35:443
javasched.exe

TCP » 69.65.17.35:443
javasched.exe (Application by GPA Generator)

TCP » 69.65.17.35:443
subprocess.exe (Social Club UI by Take-Two Interactive Software)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.