home

cu.conontaffy.com

Erez Azulay

Domain Information

The domain cu.conontaffy.com registered by Erez Azulay was initially registered in January of 2015 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Thursday, January 15, 2015

Expires date:
Sunday, January 15, 2017

Updated date:
Wednesday, January 27, 2016

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC,US

Root domain:
conontaffy.com

Whois:
2 conontaffy.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.Installer.PC Utilities, PUP.Optional.PC Utilities.Installer, PUP.Getlivesupport.Installer (M), PUP.Getlives.Installer (M)
100.00%

Dr.Web
Threat.Undefined, Trojan.Crossrider1.36922, infected with Trojan.SkypeSpam.1482
60.87%

Kaspersky
Trojan.Win32.Agent, Trojan.Win32.Agent.nesaao, Trojan.Win32.Inject
60.87%

K7 AntiVirus
Unwanted-Program
60.87%

Agnitum Outpost
Riskware.SpeedingUpMyPC, Riskware.Unwanted
60.87%

avast!
Win32:GenMalicious-FSF [PUP], Win32:Agent-AYGM [PUP]
60.87%

NANO AntiVirus
Riskware.Win32.OptimizerPro.dnpxsc, Trojan.Win32.Agent.dpxenp, Trojan.Win32.Inject.dqxuiy
60.87%

AVG
Generic
60.87%

Quick Heal
Trojan.Agen.g9, Trojan.Inject.g9
60.87%

VIPRE Antivirus
Threat.4150696, Trojan.Win32.Generic
56.52%

Comodo Security
TrojWare.Win32.Injector.FVA, ApplicUnwnt
52.17%

Sophos
Generic PUA BE, Generic PUA CN
52.17%

Qihoo 360 Security
Win32/Trojan.bc1, HEUR/QVM42.1.Malware.Gen
52.17%

Panda Antivirus
PUP/OptimizerPro
52.17%

Fortinet FortiGate
W32/Agent.APCQN!tr, Riskware/SpeedingUpMyPC
52.17%

The domain cu.conontaffy.com has been seen to resolve to the following 3 IP addresses.

184.168.221.57
ip-184-168-221-57.ip.secureserver.net
January 31, 2016

104.28.3.64
April 30, 2015

104.28.2.64
April 30, 2015

File downloads found at URLs served by cu.conontaffy.com.

1 / 68      (PUP)
http://cu.conontaffy.com/131002000/AA06MDQpEwrjlxyu-kKnq8VcedyUk-Ik6wYAAAAA/.../SystemOptimizer.exe  (ad3ab24732acb5e9e069c10d0625698f)

1 / 68      (PUP)
http://cu.conontaffy.com/131002000/AA06MSZDZ9tanmJa2kqXfqFwZfwDyAJUawAAAAAA/.../SystemOptimizer.exe  (910da565be659346f8a382b32f9c0a81)

1 / 68      (PUP)
http://cu.conontaffy.com/131002000/AA06MIZoojDHOUzaP06YKm9en1dGgn8HBQIAAAAA/.../SystemOptimizer.exe  (62b7522f1cc27dd676cb3bfc691ae2c1)

1 / 68      (PUP)
http://cu.conontaffy.com/131002000/AA06MSZDZ9tanmJa2kqXfqFwZfwDyAJUawAAAAAA/.../SystemOptimizer.exe  (8956a31bdec5ae60499f5e1764e5f6db)

1 / 68      (PUP)
http://cu.conontaffy.com/131002000/AA06MJw-EcGYRhs-UkaewarrCaWZY5B8kggAAAAA/.../SystemOptimizer.exe  (84e11e58e4945017cb8bf51ca9de5542)

1 / 68      (PUP)
http://cu.conontaffy.com/131002000/AFbF39p70ggADTowZ1fDAwuXOq1_QqUfHaHIP7wajeunAAAAAAA/.../SystemOptimizer.exe  (f41e26c9a4ecf12ad170b92a0de0dfcc)

1 / 68      (PUP)
http://cu.conontaffy.com/131002000/AA06MEZhLPQtBi3Nj0SzjYV_6qfUEZrZyAEAAAAA/.../SystemOptimizer.exe  (018e3299b0f4c5403a233cb703674f9f)

1 / 68      (PUP)
http://cu.conontaffy.com/131002000/AA06Mi0sFoOaO1yWy0ak8M3vHIOwLiXlJgAAAAAA/.../SystemOptimizer.exe  (4ac50fae4d65166ca8547fb25659a4a6)

1 / 68      (PUP)
http://cu.conontaffy.com/131002000/AA06MV_s2snZlHI7ukOsDbCe79zaj4b_sgAAAAAA/.../SystemOptimizer.exe  (ad7fb01022357bf7b256f20ecb14b968)

33 / 68    (PUP)
http://cu.conontaffy.com/131002000/AFqM4_qM0ggADTowYIVW16jV41IFTJd8L34lXHMd_Qk1BgAAAAA/.../SystemOptimizer.exe  (df7bd5c350fa8220e5cc4106c5cd5d6f)

33 / 68    (PUP)
http://cu.conontaffy.com/131002000/AFqM4_qM0ggADTowYIVW16jV41IFTJd8L34lXHMd_Qk1BgAAAAA/.../SystemOptimizer.exe  (941ee9be904288216fc13dfb548b235e)

33 / 68    (PUP)
http://cu.conontaffy.com/131002000/AA06MJdXS0thYhsNIk23tTqOB0nX6RGdlwEAAAAA/.../SystemOptimizer.exe  (fde044005e8d50f28de1bf2e9e7f8c67)

33 / 68    (PUP)
http://cu.conontaffy.com/131002000/AA06MVhms8L2_6-iMUqe5hqgA-Pft4s6zAEAAAAA/.../SystemOptimizer.exe  (a66054e9a6a706219fc11118766d8fbd)

33 / 68    (PUP)
http://cu.conontaffy.com/131002000/AA06MSZDZ9tanmJa2kqXfqFwZfwDyO3okAUAAAAA/.../SystemOptimizer.exe  (25a407e487a97acf2559d170a4f81ad0)

16 / 68    (PUP)
http://cu.conontaffy.com/131002000/AA06MJw-EcGYRhs-UkaewarrCaWZY2_4iwEAAAAA/.../SystemOptimizer.exe  (29b8bf873fbfbaf4d58ac1d938dcbc37)

27 / 68    (PUP)
http://cu.conontaffy.com/131002000/AA06MVzG-UWV8w3QckaTbaetVgsUhb_0NQMAAAAA/.../SystemOptimizer.exe  (1317aca1e4dcaa51a0e4cb8061fe8660)

27 / 68    (PUP)
http://cu.conontaffy.com/131002000/APqs7_1i0ggADTox4Nth-jaZQxhDQIyCx2GUSfDeyZtEAQAAAAA/.../SystemOptimizer.exe  (d5f02657562474701685be0954ced8b3)

16 / 68    (PUP)
http://cu.conontaffy.com/131002000/AA06MJw-EcGYRhs-UkaewarrCaWZY00AtQEAAAAA/.../SystemOptimizer.exe  (f5ca5ac56a43ba03b6245b6ef97cda14)

27 / 68    (PUP)
http://cu.conontaffy.com/131002000/AACik4Nc0ggADToxObNqiQQ6prY5QbKQm9LEeZ3nUCYgAAAAAAA/.../SystemOptimizer.exe  (9d489ff6ce90cd6ab62508b7b8c6f944)

27 / 68    (PUP)
http://cu.conontaffy.com/131002000/AE76VmFg0ggADToxilGCL_ZIQDsMTpDXxgU3hY0Sc6heAAAAAAA/.../SystemOptimizer.exe  (b9d75c746927073c186941c40ce9953b)

24 / 68    (PUP)
http://cu.conontaffy.com/131002000/AA06Mb7OJtligxjSxUG3kc5XNvChkPa37QAAAAAA/.../SystemOptimizer.exe  (f50fa954a50223caeab840fbd4f0979a)

21 / 68    (PUP)
http://cu.conontaffy.com/131002000/AA06MKIuXlVeW3SoN0GCRmuSnOEkqGpimAEAAAAA/.../SystemOptimizer.exe  (e11b6aeb9404e587f96a10a47470d4e8)

18 / 68    (PUP)
http://cu.conontaffy.com/131002000/AA06MD_QGJhkFhGRmkuM_FA_BP8kzqCueAAAAAAA/.../SystemOptimizer.exe  (7738f3d16aa8ff0462a86a46bcb8e28e)

The following 141 files have been seen to comunicate with cu.conontaffy.com in live environments.

TCP » 184.168.221.57:80
googleupdate.exe13d7b73 (globalUpdate Update by globalUpdate)

TCP » 184.168.221.57:80
b24b7bff-b581-42e4-8251-c966179c93b4-5.exe (Ge-Force by iWebar)

TCP » 184.168.221.57:80
b24b7bff-b581-42e4-8251-c966179c93b4-11.exe (Ge-Force by iWebar)

TCP » 184.168.221.57:80
ge-force-codedownloader.exe (Ge-Force by iWebar)

TCP » 184.168.221.57:80
eba6b5e7-9d84-47d7-a4d8-77d7fae44b86-4.exe (iWebar)

TCP » 184.168.221.57:80
totalplushd-3.1v24.11-codedownloader.exe (TotalPlusHD-3.1V24.11 by HDPlus-3.1TotalV24.11)

TCP » 184.168.221.57:80
d1065db2-fe12-4865-827f-f2b3ac639704-5.exe (I - Cinema by DiscountFrenzy)

TCP » 184.168.221.57:80
889a7ab4-2675-4805-b71f-27d185d7e7e7-5.exe (Browser+ProApp_version10 by Browser)

TCP » 184.168.221.57:80
d1065db2-fe12-4865-827f-f2b3ac639704-11.exe (I - Cinema by DiscountFrenzy)

TCP » 184.168.221.57:80
iwebar-codedownloader.exe (iWebar)

TCP » 184.168.221.57:80
1eb5f2f6-cb5c-4f61-b907-b18e2ae1a6e1-11.exe (Internet Speed Checker by Speedchecker)

TCP » 184.168.221.57:80
41e99822-ab50-48a8-a0c4-26746ec24416-7.exe (TotalPlusHD-3.1V20.11 by HDPlus-3.1TotalV20.11)

TCP » 184.168.221.57:80
63b11c5e-b05e-47f0-9829-ae8fdd247b03-7.exe (MediaPlayersvideos 1.1 by Enter)

TCP » 184.168.221.57:80
bf6ab4fb-a052-4757-8d0a-575b27c0b513-7.exe (App Lid by Lid)

TCP » 184.168.221.57:80
046edf9a-be87-46ab-b1a8-cf6afa0d6f3b-5.exe (CinemaPro 1.5V18.11 by Cinema ProV18.11)

TCP » 184.168.221.57:80
d1065db2-fe12-4865-827f-f2b3ac639704-4.exe (I - Cinema by DiscountFrenzy)

TCP » 184.168.221.57:80
889a7ab4-2675-4805-b71f-27d185d7e7e7-11.exe (Browser+ProApp_version10 by Browser)

TCP » 184.168.221.57:80
TBNotifier.exe (Ask TBNotifier by APN)

TCP » 184.168.221.57:80
gohd-codedownloader.exe (GoHD by InstallMoon)

TCP » 184.168.221.57:80
browser.exe (Browser)

 
Latest 20 of 143 files

URL:
http://cu.conontaffy.com/

Web server:
Microsoft-IIS/7.5 (ASP.NET) (Version: 4.0.30319)

astralnetwork.net

0119b.info

0123g.info

allergycleveland.org

askdownload.com

bestsoftscope.com

connectdev.info

daksoft.net

down0101life.info

down2208life.info

dynaobject.info

hplcloud.net

infowebmaster.info

largelybestfiles.com

moxhification.com

nixcontact.info

peripheraltest.info

polarisresource.info

ramtele.info

snowfieldcomputer.info

soft73.net

thanh.ca

uni-suite.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.