home

aboads.adk2x.com

PLYmedia

Domain Information

The domain aboads.adk2x.com registered by PLYmedia was initially registered in February of 2014 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
GODADDY.COM, LLC

Server location:
Virginia, United States (US)

Create date:
Thursday, February 13, 2014

Expires date:
Monday, February 13, 2017

Updated date:
Monday, January 25, 2016

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Root domain:
adk2x.com

Whois:
2 adk2x.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.Win.Reputation.IMP, PUP.Outbrowse.SalyutemPlyus.Bundler (M), PUP.InstallCore.FC.Installer (M)
100.00%

MicroWorld eScan
Gen:Variant.Application.Bundler.Amonetize.14
33.33%

McAfee
Artemis!0005F359062B
33.33%

AegisLab AV Signature
AdWare.W32.Amonetize
33.33%

avast!
Win32:Amonetize-DQ [PUP]
33.33%

Kaspersky
not-a-virus:HEUR:AdWare.Win32.Amonetize
33.33%

Bitdefender
Gen:Variant.Application.Bundler.Amonetize.14
33.33%

NANO AntiVirus
Riskware.Win32.Amonetize.devzun
33.33%

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.Amonetize.14
33.33%

F-Secure
Gen:Variant.Application.Bundler
33.33%

Avira AntiVirus
ADWARE/Adware.Gen2
33.33%

AhnLab V3 Security
PUP/Win32.Amonetize
33.33%

G Data
Gen:Variant.Application.Bundler.Amonetize.14
33.33%

Panda Antivirus
Trj/Genetic.gen
33.33%

AVG
Generic_r
33.33%

The domain aboads.adk2x.com has been seen to resolve to the following 25 IP addresses.

104.197.27.39
39.27.197.104.bc.googleusercontent.com
May 19, 2016

104.197.4.140
140.4.197.104.bc.googleusercontent.com
May 19, 2016

104.154.52.119
119.52.154.104.bc.googleusercontent.com
May 19, 2016

104.154.33.56
56.33.154.104.bc.googleusercontent.com
May 19, 2016

146.148.73.59
59.73.148.146.bc.googleusercontent.com
May 19, 2016

146.148.57.82
82.57.148.146.bc.googleusercontent.com
May 19, 2016

146.148.47.149
149.47.148.146.bc.googleusercontent.com
May 19, 2016

130.211.160.193
193.160.211.130.bc.googleusercontent.com
May 19, 2016

130.211.124.223
223.124.211.130.bc.googleusercontent.com
May 19, 2016

130.211.124.66
66.124.211.130.bc.googleusercontent.com
May 19, 2016

104.197.148.20
20.148.197.104.bc.googleusercontent.com
May 19, 2016

104.197.69.2
2.69.197.104.bc.googleusercontent.com
May 19, 2016

52.4.221.159
ec2-52-4-221-159.compute-1.amazonaws.com
February 29, 2016

52.4.220.195
ec2-52-4-220-195.compute-1.amazonaws.com
February 29, 2016

52.4.99.48
ec2-52-4-99-48.compute-1.amazonaws.com
February 29, 2016

130.211.131.135
135.131.211.130.bc.googleusercontent.com
February 29, 2016

104.197.8.96
96.8.197.104.bc.googleusercontent.com
February 29, 2016

54.86.124.220
ec2-54-86-124-220.compute-1.amazonaws.com
February 29, 2016

52.6.89.20
ec2-52-6-89-20.compute-1.amazonaws.com
February 29, 2016

52.6.19.243
ec2-52-6-19-243.compute-1.amazonaws.com
February 29, 2016

52.5.215.30
ec2-52-5-215-30.compute-1.amazonaws.com
February 29, 2016

52.5.180.32
ec2-52-5-180-32.compute-1.amazonaws.com
February 29, 2016

52.4.238.197
ec2-52-4-238-197.compute-1.amazonaws.com
February 29, 2016

130.211.120.135
135.120.211.130.bc.googleusercontent.com
November 2, 2014

146.148.54.161
161.54.148.146.bc.googleusercontent.com
November 2, 2014

File downloads found at URLs served by aboads.adk2x.com.

1 / 68      (Adware)
http://aboads.adk2x.com/click/0EBvCU1lwr7NoMIuU2Su7mfVipXh0sBPGE-MSnwotCMQG9IMRxeueh-j3Ehjq8Q_SzU-TjDyY_hRmJasqTXFfo5EuedjxLl-lgCLUwp_Rtdj9dR8Wn6FOLAqRct83VwXZZ-3lOxB4W2R5pQZrB-fzid-aevmCAqaU8wO-oa_Y1UnJlv1WMAXsEI85islR7hz0nVNMTsZMmtr_gP2wE9ribVn-ts7yHHYcZ9zhxKbIFRVNNtqLQ//http://.../down.php?p=VELISMEDIA2-DD&trckid=0EBvCU1lwr7NoMIuU2Su7mfVipXh0sBPGE-MSnwotCMQG9IMRxeueh-j3Ehjq8Q_SzU-TjDyY_hRmJasqTXFfo5EuedjxLl-lgCLUwp_Rtdj9dR8Wn6FOLAqRct83VwXZZ-3lOxB4W2R5pQZrB-fzid-aevmCAqaU8wO-oa_Y1UnJlv1WMAXsEI85islR7hz0nVNMTsZMmtr_gP2wE9ribVn-ts7yHHYcZ9zhxKbIFRVNNtqLQ  (installer_adobe_flash_player_english.exe)

1 / 68      (Adware)
http://aboads.adk2x.com/click/5EBYOBL4R3sIcVIUPHvXhvc7AYbgwqYt2zHTN2b_62-aBMck1I2rpYRpQdFqjJZleeGWVFnbGMu6ZJdBNhIu_bEb1KMkENHb8HCbxdAKqM0mS_s6ZL90-OArZlD5S3LgDQ5yVEbKGn8A00jTLDuFfQMvVtr2PcbQiDJIfq6t1DHRrbEhVk_NZhvcCex2CwI_MxsxDCoG4Ct9EE45VzlZa4kSAqd-au_EGNnZZ8EL9TqLAxa-4dRLEajIylTweec//http://get.DDLMEDIA1002.INFO/.../Get?p=7317&d=24937&l=1694&n=0&d1=NUMBER&clickid=5EBYOBL4R3sIcVIUPHvXhvc7AYbgwqYt2zHTN2b_62-aBMck1I2rpYRpQdFqjJZleeGWVFnbGMu6ZJdBNhIu_bEb1KMkENHb8HCbxdAKqM0mS_s6ZL90-OArZlD5S3LgDQ5yVEbKGn8A00jTLDuFfQMvVtr2PcbQiDJIfq6t1DHRrbEhVk_NZhvcCex2CwI_MxsxDCoG4Ct9EE45VzlZa4kSAqd-au_EGNnZZ8EL9TqLAxa-4dRLEajIylTweec  (installation.exe)

16 / 68    (PUP)
http://aboads.adk2x.com/click/QAYmM-yrMGA_Lqm7l-fWaM4Z2OlUHBZMRPbcJaYh08TIoyOal8iulH1y1sWLuDU6ulLS02Fl3CrNxwKugDLuy2OrJlBtBNFiuNgRIvHCNzyGVzIxUFbDjjH0101zDdX1t5Fv91MjFM7_HMqgJtMnx-FxfViYSZv38X2S2Bpg3jfIVCgD02gyZkYNxB3GDZHiqO9COQIfxt5ZXRNWpfbh2Ce1-akKyEG8ZE_c7EAZmsfguxkO-_ENOFY6kFSPJGQ//http://www.freeplayflashgames.com/.../sudoku-quest-dd.html?ver=1.1.1.72&epu=no&ci=6769&ti1=QAYmM-yrMGA_Lqm7l-fWaM4Z2OlUHBZMRPbcJaYh08TIoyOal8iulH1y1sWLuDU6ulLS02Fl3CrNxwKugDLuy2OrJlBtBNFiuNgRIvHCNzyGVzIxUFbDjjH0101zDdX1t5Fv91MjFM7_HMqgJtMnx-FxfViYSZv38X2S2Bpg3jfIVCgD02gyZkYNxB3GDZHiqO9COQIfxt5ZXRNWpfbh2Ce1-akKyEG8ZE_c7EAZmsfguxkO-_ENOFY6kFSPJGQ  (sudokuquest__6769_i1384334763_il396.exe)

The following file have been seen to comunicate with aboads.adk2x.com in live environments.

TCP » 130.211.120.135:80
42fe.tmp.exe

TCP » 130.211.120.135:443
42fe.tmp.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.