» blu202.afx.ms
Overview
IPs Addresses (1)
Downloads (1)
Network (16)
Related Domains (1)

blu202.afx.ms

Domain Information

Server location:

Washington, United States (US)

ASN:

AS8075 MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation,US

Root domain:

The domain blu202.afx.ms has been seen to resolve to the following IP address.

a-0006.a-msedge.net

September 12, 2015

File downloads found at URLs served by blu202.afx.ms.

0 / 68

https://blu202.afx.ms/.../GetAttachment.aspx?file=b07dacb4-6b53-42a9-b056-746867eb76c7.zip&ct=YXBwbGljYXRpb24vemlw&name=SXMgdGhlIGtleWJveCBzdGlsbCBvbi56aXA_3d&inline=0&rfc=0&empty=False&cid=72c192f86b9893c9&shared=1&biciPrevious=108fc3ab-fb8e-42a6-9a2f-90ed8e7d377d_29707530b45_10420&hm__login=charlie_5899&hm__domain=hotmail.com&ip=10.148.249.8&d=d75&mf=4&hm__ts=Mon, 07 Sep 2015 23:43:31 GMT&st=charlie_5899&hm__ha=01_06747adae294185b5dabab0a02a7bb1f362ae7a1343e2dabc088106901f99bf8&oneredir=1 (is the keybox still on.zip)

The following 16 files have been seen to comunicate with blu202.afx.ms in live environments.

TCP » 204.79.197.208:443

produpd.exe (produpd.exe by Vested Development, Inc)

TCP » 204.79.197.208:443

online-guardian-v2.0.9.exe

TCP » 204.79.197.208:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 204.79.197.208:443

onlineguardian-v2.exe

TCP » 204.79.197.208:443

online-guardian.exe

TCP » 204.79.197.208:443

citrio.exe (Citrio by CatalinaGroup)

TCP » 204.79.197.208:443

produpd.exe (produpd.exe by Vested Development, Inc)

TCP » 204.79.197.208:443

produpd.exe (produpd.exe by Vested Development, Inc)

TCP » 204.79.197.208:443

produpd.exe (produpd.exe by Vested Development, Inc)

TCP » 204.79.197.208:443

ffgogogo.exe (ffgogogo by Mozilla)

TCP » 204.79.197.208:443

produpd.exe (produpd.exe by Vested Development, Inc)

TCP » 204.79.197.208:443

produpd.exe (produpd.exe by Vested Development, Inc)

TCP » 204.79.197.208:443

produpd.exe (Vest's software office by Vest')

TCP » 204.79.197.208:443

produpd.exe (produpd.exe by Vested Development, Inc)

TCP » 204.79.197.208:443

produpd.exe (produpd.exe by Vested Development, Inc)

TCP » 204.79.197.208:443

produpd.exe (produpd.exe by Vested Development, Inc)

Related Domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.