» a.proffi-sun.work
Overview
Analysis
IPs Addresses (1)
Downloads (1)
Network (11)
Related Domains (3)

a.proffi-sun.work

Domain Information

Server location:

Arizona, United States (US)

ASN:

AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC,US

Root domain:

proffi-sun.work

Scanner detections:

Malware distribution (100% detected)

Scan engine

Details

Detections

Reason Heuristics

Threat.Win.Reputation.IMP

100.00%

The domain a.proffi-sun.work has been seen to resolve to the following IP address.

ip-50-63-202-71.ip.secureserver.net

July 15, 2016

File downloads found at URLs served by a.proffi-sun.work.

1 / 68 (Malware)

http://a.proffi-sun.work/hp/?q=LF2XT5f/.../FaA62GkVUJhQju4Y9ejJ5uUu2eVzK7q7aK KrE4JvraNUsQBJdS4G1kZaLqyriyG7yAQI8xq5zlunCLSuWdlC9AMzh0dSNBdzLu6P8nBnt5Gl3RhlB62tbjf1Iv2gLFly6vUTRlrzP5dKY&external_id=1437881604752656793 (eng.exe)

The following 11 files have been seen to comunicate with a.proffi-sun.work in live environments.

TCP » 50.63.202.71:80

TCP » 50.63.202.71:80

TCP » 50.63.202.71:80

TCP » 50.63.202.71:80

TCP » 50.63.202.71:80

TCP » 50.63.202.71:80

TCP » 50.63.202.71:80

TCP » 50.63.202.71:80

TCP » 50.63.202.71:80

TCP » 50.63.202.71:80

TCP » 50.63.202.71:80

ytd.exe (YTD Video Downloader by GreenTree Applications SRL)

Related Domains

androiddesktopremote.com

minecraftinstallers.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.