» directxex.com
Overview
Analysis
IPs Addresses (2)
Downloads (3)
Subdomains (1)
Statistics

directxex.com

WHOISGUARD, INC. (Proxy Registrant)

Domain Information

The domain directxex.com is registered by proxy through ENOM, INC. and was originally registered in July of 2012. Currently this domain has been known to host various forms of malware. The hosted servers are located in San Francisco, California within the United States which resides on the CloudFlare, Inc. network. The domain uses the CloudFlare CDN, a distributed domain name server service which utilizes a number of reverse proxy IP Addresses (see below).

Registrant:

WHOISGUARD, INC.

Registrar:

ENOM, INC.

Server location:

California, United States (US)

Create date:

Tuesday, July 17, 2012

Expires date:

Thursday, July 17, 2014

Updated date:

Wednesday, March 19, 2014

ASN:

AS13335 CLOUDFLARENET - CloudFlare, Inc.

Whois:

1 directxex.com record

Scanner detections:

Malware distribution (100% detected)

Scan engine

Details

Detections

Bkav FE

HW32.CDB

100.00%

MicroWorld eScan

Trojan.GenericKD.1582331, Trojan.GenericKD.1585265, Trojan.GenericKD.1585564

100.00%

nProtect

Trojan.GenericKD.1582331, Trojan.GenericKD.1585265, Trojan.GenericKD.1585564

100.00%

McAfee

Artemis!A13AE3745A24, PWSZbot-FLW!2E01D0E03A08, PWSZbot-FLW!A0A74178804E

100.00%

Malwarebytes

Backdoor.Bot

100.00%

K7 AntiVirus

Trojan

100.00%

Norman

Suspicious_Gen4.FVRIL, Suspicious_Gen5.AMNEM, Suspicious_Gen4.FVVNP

100.00%

Trend Micro House Call

TROJ_GEN.R0CBC0RBQ14, TROJ_GEN.R0CBC0DC314, TROJ_GEN.R0CBC0RC114

100.00%

Kaspersky

Backdoor.Win32.Androm, Backdoor.Win32.DarkKomet

100.00%

Bitdefender

Trojan.GenericKD.1582331, Trojan.GenericKD.1585265, Trojan.GenericKD.1585564

100.00%

Agnitum Outpost

Backdoor.Androm, Backdoor.DarkKomet

100.00%

Lavasoft Ad-Aware

Trojan.GenericKD.1582331, Trojan.GenericKD.1585265, Trojan.GenericKD.1585564

100.00%

Emsisoft Anti-Malware

Trojan.GenericKD.1582331, Trojan.GenericKD.1585265, Trojan.GenericKD.1585564

100.00%

Comodo Security

UnclassifiedMalware

100.00%

F-Secure

Trojan.GenericKD.1582331, Trojan.GenericKD.1585265, Trojan.GenericKD.1585564

100.00%

The domain directxex.com has been seen to resolve to the following 2 IP addresses.

108.162.199.96

(CloudFlare)

March 19, 2014

108.162.198.96

(CloudFlare)

March 19, 2014

File downloads found at URLs served by directxex.com.

32 / 68 (Malware)

http://directxex.com/.../1010343014.server12345.exe (a0a74178804efbeb8040bdfb1a532e84)

33 / 68 (Malware)

http://directxex.com/.../1491944748.whaat.exe (2e01d0e03a0851680dc0d4ce9fb62a79)

34 / 68 (Malware)

http://directxex.com/.../1005443056.cryptedserver.exe (a13ae3745a24c8b712ef684b220e921e)

Subdomains

January 4, 2015

s1.directxex.com

Alexa:

US rank: 200,726

Global rank: 799,098

Backlinks: 26

Compete.com:

US visitors: 42

Statistics above are for the previous month of October 2024.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.