home

cloudcrypter.pw

Domain Information

Server location:
Arizona, United States (US)

ASN:
AS13335 CLOUDFLARENET - CloudFlare, Inc., US

Scanner detections:
Malware distribution  (88% detected)

Scan engine
Details
Detections

ESET NOD32
MSIL/Injector.OVC trojan, MSIL/Injector.OUU trojan, MSIL/Kryptik.FRN trojan, MSIL/Kryptik.EXJ trojan, MSIL/Kryptik.GRX trojan, MSIL/Kryptik.GWF trojan, MSIL/GenKryptik.LJ trojan
100.00%

McAfee
Trojan.Trojan-FIHN!A81AFE00D9C7, Trojan.Trojan-FIHN!83D43C18B648, Trojan.Trojan-FIHN!9F82105AEA42, Trojan.Trojan-FIHN!E2B9B8D351D4, Trojan.Trojan-FIHN!F26816065E64, Trojan.Trojan-FIHN!4B7A1BDC5ED8, Trojan.Trojan-FIHN!737C7B94DE4B, Trojan.Trojan-FIHN!AC92C4DE15CD, Trojan.Trojan-FIHN!32F064704F4E, Trojan.Trojan-FIHN!E04A4B8ACDF5, Trojan.Trojan-FIHN!473E8F5F9962, Trojan.Trojan-FIHN!685434E39712, Trojan.Trojan-FIHN!8B8C87DE5488
81.25%

Reason Heuristics
PUP.ViatlioC (M), Threat.Adware.Dropper.Suas (H), PUP (M), Adware.Cobind.Kryptic (M)
37.50%

Norman
Gen:Variant.Razy.37189, Gen:Variant.Barys.53261, Gen:Variant.Razy.39219, Gen:Variant.Razy.37415
37.50%

avast!
Win32:Dropper-gen [Drp], Win32:Malware-gen
6.25%

Kaspersky
Trojan-Dropper.Win32.Injector, Trojan.Win32.Inject
6.25%

The domain cloudcrypter.pw has been seen to resolve to the following 2 IP addresses.

104.24.124.202
May 21, 2016

104.24.125.202
May 21, 2016

File downloads found at URLs served by cloudcrypter.pw.

2 / 68      (PUP)
http://cloudcrypter.pw/download.php?id=57241  (scan007.exe)

2 / 68      (PUP)
http://cloudcrypter.pw/download.php?id=57250  (scan008.exe)

2 / 68      (Malware)
http://cloudcrypter.pw/download.php?id=56296  (c35769f7ebcf0728a7c6b37b3c2dbd0544675.exe)

2 / 68      (PUP)
http://cloudcrypter.pw/download.php?id=53185  (c34213d660bd6f5fa2e7e9107856e6bbc877a.exe)

3 / 68      (Malware)
http://cloudcrypter.pw/download.php?id=40556  (c312850a0700a03e7ccbdff1580927198bbca.exe)

3 / 68      (Malware)
http://cloudcrypter.pw/download.php?id=40558  (c31286416ae157caad562fe3cd89694b516be.exe)

3 / 68      (Malware)
http://cloudcrypter.pw/download.php?id=40565  (c31283655b53d5abcb2cd4b8fe3300f8370dd.exe)

3 / 68      (Malware)
http://cloudcrypter.pw/download.php?id=40566  (c3128b27d183e78025f615a7c427a8f8884c1.exe)

3 / 68      (Malware)
http://cloudcrypter.pw/download.php?id=40571  (c3128f644974e9294761cb52cbcf0a3adb715.exe)

3 / 68      (Malware)
http://cloudcrypter.pw/download.php?id=40572  (c31287b2fbc70791da23ecb28c2e9a5fde1fd.exe)

3 / 68      (Malware)
http://cloudcrypter.pw/download.php?id=40576  (c3128d77f8dd1db9eece84ce1dab99e42bee0.exe)

3 / 68      (Malware)
http://cloudcrypter.pw/download.php?id=40592  (c31289792a0534a70076b87b877af988896ee.exe)

3 / 68      (Malware)
http://cloudcrypter.pw/download.php?id=40594  (c312844196dfcd4f32b10fbd642e5fe0a30f3.exe)

2 / 68      (inconclusive)
http://cloudcrypter.pw/download.php?id=40607  (c31283f9e65fcb9a2fe5c2eae73809fd3ed53.exe)

3 / 68      (Malware)
http://cloudcrypter.pw/download.php?id=40609  (c31284e71e4f2b631b0b36acd7147be0e04f3.exe)

3 / 68      (Malware)
http://cloudcrypter.pw/download.php?id=40613  (c312862f5600e9f8d11c6997868c161bb9b72.exe)

2 / 68      (inconclusive)
http://cloudcrypter.pw/download.php?id=40614  (c3128301a1020f56dfb414b51a85b00ee2df3.exe)

2 / 68      (inconclusive)
http://cloudcrypter.pw/download.php?id=40622  (c312831afcf51757bbae4436552fbc24a5af1.exe)

2 / 68      (inconclusive)
http://cloudcrypter.pw/download.php?id=40639  (c312872688328495ac1bbce2d733a558d3e9b.exe)

3 / 68      (Malware)
http://cloudcrypter.pw/download.php?id=40643  (c3128d1d133423a7b87abcfe55d27988ce35b.exe)

3 / 68      (Malware)
http://cloudcrypter.pw/download.php?id=40691  (c3128c174a9566e09b7455e0ba7cbe6359337.exe)

3 / 68      (Malware)
http://cloudcrypter.pw/download.php?id=40745  (c3128bea85f8697e9fc87d0e031896a111647.exe)

3 / 68      (Malware)
http://cloudcrypter.pw/download.php?id=40809  (c312861fe8494e8cee4773e11e83c9065406e.exe)

3 / 68      (PUP)
http://cloudcrypter.pw/download.php?id=40811  (c312829af0cac5b3b1239ea55fd2949c2119a.exe)

3 / 68      (PUP)
http://cloudcrypter.pw/download.php?id=40812  (c312881e56c984f7b54cdb0517731a38e5e8c.exe)

3 / 68      (Malware)
http://cloudcrypter.pw/download.php?id=40815  (c312839ce212bd3acb48c37d5790940729bcf.exe)

3 / 68      (PUP)
http://cloudcrypter.pw/download.php?id=40893  (c31281e9d303b7d18d97ec45f824aa69bd48f.exe)

3 / 68      (PUP)
http://cloudcrypter.pw/download.php?id=41004  (c3128e45402c578108d1783b9db9a779da893.exe)

3 / 68      (PUP)
http://cloudcrypter.pw/download.php?id=41080  (c3128e9a73417cae85b42e1bd781150f7457d.exe)

3 / 68      (PUP)
http://cloudcrypter.pw/download.php?id=41141  (c31289173338b5f01a08ebbaf4bad3ea7647c.exe)

 
Latest 30 of 32 download URLs

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.