» alris.wap.sh
Overview
Analysis
IPs Addresses (1)
Downloads (1)
Network (8)
Related Domains (18)

alris.wap.sh

Domain Information

Server location:

Zuid-Holland, Netherlands (NL)

ASN:

AS57172 GLOBALLAYER Global Layer B.V.,NL

Root domain:

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.SlimWare.Optional.Installer.Meta (L)

100.00%

The domain alris.wap.sh has been seen to resolve to the following IP address.

xtgem.com

June 19, 2015

File downloads found at URLs served by alris.wap.sh.

1 / 68 (PUP)

http://alris.wap.sh/.../slimdrivers-setup_1.exe (SlimDrivers-setup.exe)

The following 8 files have been seen to comunicate with alris.wap.sh in live environments.

TCP » 188.95.50.114:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 188.95.50.114:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 188.95.50.114:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 188.95.50.114:80

messengertime.exe

TCP » 188.95.50.114:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 188.95.50.114:80

TCP » 188.95.50.114:80

online-guardian-v2.0.9.exe

TCP » 188.95.50.114:80

UCBrowser.exe (UC Browser by UCWeb)

Related Domains

bokepgratis.site

duanthang216.yn.lt

earlyface.yn.lt

xxxfile.download

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.