boxesists.com

Pending Renewal or Deletion

Domain Information

The domain boxesists.com registered by Pending Renewal or Deletion was initially registered in August of 2014 through DYNADOT, LLC. Currently this domain has been known to host various forms of malware. The hosted servers are located in Portland, Oregon within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the US West (Oregon) region datacenter.
Registrar:
DYNADOT, LLC

Server location:
Oregon, United States (US)

Create date:
Wednesday, August 27, 2014

Expires date:
Thursday, August 27, 2015

Updated date:
Thursday, August 27, 2015

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Scanner detections:
Malware distribution  (86% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.WebPick.Stanisla (M), Threat.Win.Reputation.IMP, PUP.Bundler (M), PUP.WebPick.AlexeyKu (M), Adware.Generic.AT (M), Adware.BrowserPlugin (M), PUP.WebPick (M)
81.82%

avast!
Win32:FakeDownload-G [PUP], Win32:FakeDownload-E [PUP], Win32:MultiPlug-QV [PUP], Win32:MultiPlug-SY [PUP], Win32:Agent-AYLT [PUP]
22.73%

Norman
Gen:Variant.Adware.Multiplug.11, Gen:Variant.Razy.7303
20.45%

ESET NOD32
Win32/Adware.MultiPlug.EP application, Win32/Adware.MultiPlug.DP application
18.18%

AVG
Adware Generic6.MBG, Adware Generic6.MEW, Adware Generic6.FZS, Adware Generic6.MDM, Adware Generic_r.WW, Adware Generic6.LWZ
18.18%

Emsisoft Anti-Malware
Gen:Variant.Adware.Multiplug.11, Gen:Variant.Razy.7303
15.91%

Kaspersky
not-a-virus:HEUR:AdWare.Win32.MultiPlug
11.36%

Microsoft Security Essentials
Threat.Undefined
9.09%

VIPRE Antivirus
Threat.5180739
6.82%

Dr.Web
Trojan.Crossrider1.18169, Trojan.Crossrider.36840
4.55%

McAfee
Program.MultiPlug-FVH
2.27%

The domain boxesists.com has been seen to resolve to the following 9 IP addresses.

ec2-52-4-209-250.compute-1.amazonaws.com
August 28, 2015

ec2-52-27-128-59.us-west-2.compute.amazonaws.com
August 12, 2015

ec2-52-27-128-56.us-west-2.compute.amazonaws.com
August 12, 2015

ec2-52-27-128-62.us-west-2.compute.amazonaws.com
August 12, 2015

ec2-54-68-13-248.us-west-2.compute.amazonaws.com
May 3, 2015

ec2-54-200-195-191.us-west-2.compute.amazonaws.com
May 3, 2015

ec2-54-213-72-9.us-west-2.compute.amazonaws.com
May 3, 2015

ec2-54-148-131-181.us-west-2.compute.amazonaws.com
November 29, 2014

ec2-54-191-200-75.us-west-2.compute.amazonaws.com
November 29, 2014

File downloads found at URLs served by boxesists.com.

 
Latest 30 of 198 download URLs

The following 66 files have been seen to comunicate with boxesists.com in live environments.

 
Latest 20 of 68 files