dk.1aab811gfl.com
Domain Information
Server location: Massachusetts, United States (US)
ASN: AS20940 AKAMAI-ASN1 Akamai International B.V.
Root domain: 1aab811gfl.com
Analysis
Scanner detections:
Detections (100% detected)
| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.Bundler.Vittalia | 100.00% |
| Dr.Web | Trojan.Vittalia.35 | 100.00% |
| VIPRE Antivirus | Threat.4782551 | 100.00% |
| ESET NOD32 | Win32/TrojanDropper.Addrop.C trojan | 100.00% |
| Norman | InstallCore.WTRR | 100.00% |
| Avira AntiVirus | PUA/InstallCore.Gen7 | 100.00% |
| AVG | Generic | 100.00% |
| Qihoo 360 Security | Trojan.Generic | 100.00% |
| McAfee | Trojan.Artemis!73904C15D060 | 100.00% |
IP Addresses
The domain dk.1aab811gfl.com has been seen to resolve to the following 2 IP addresses.
23.0.160.56 (a23-0-160-56.deploy.static.akamaitechnologies.com), April 11, 2015
23.0.160.50 (a23-0-160-50.deploy.static.akamaitechnologies.com), April 11, 2015
Downloads
File downloads found at URLs served by dk.1aab811gfl.com.
9 / 68 (Adware)
http://dk.1aab811gfl.com/installers/axtan_installers/get.php?ik=air&ut=1b8eab41e8184de66546a10d76aba5df&aa=ax/1/eazelen//&ua=chrome&u=L2Rvd25sb2FkLmVhemVsLmNvbS9pbnN0YWxsZXJzL291dC8wMDMyMjAwMzIzMDAzMjQvcGlpZC01NTEwMjcyZTFlODY1Ny41NDc5NjA1NC9heC8xL2VhemVsZW4vZW5nbGlzaC9zZW8vY2hyb21lL3Byb3RldXNfOF8wL2QvNzgyMTk4MDI3ZmM1MDk0YzQ3OWQzZWY5YTQzYjIyYjUvYWlyLzY3MTIxNy9uYS8wL0FBL2luc3RhbGxlcl9wcm90ZXVzXzhfMF9FbmdsaXNoLmV4ZQ==&p=RUFaRUxFTg==&x=L2hvbWUvZG93bl9jcm9ucy9wdWJsaWNfaHRtbC9pbnN0YWxsZXJzL291dC9heC8xL2VhemVsZW4vZW5nbGlzaC9zZW8vY2hyb21lL3Byb3RldXNfOF8wL2QvNzgyMTk4MDI3ZmM1MDk0YzQ3OWQzZWY5YTQzYjIyYjUvYWlyLzY3MTIxNy9uYS8wL0FBL2luc3RhbGxlcl9wcm90ZXVzXzhfMF9FbmdsaXNoLmV4ZQ==&loop=0&s=
(installer_proteus_8_0_english.exe)
Network Communications
19 files have been seen to communicate with dk.1aab811gfl.com in live environments.