home

dl.softpzivrubajjui.net

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain dl.softpzivrubajjui.net is registered by proxy through GODADDY.COM, LLC and was originally registered in September of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Cambridge, Massachusetts within the United States which resides on the Akamai Technologies, Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
Massachusetts, United States (US)

Create date:
Thursday, September 19, 2013

Expires date:
Friday, September 19, 2014

Updated date:
Friday, September 27, 2013

ASN:
AS20940 AKAMAI-ASN1 Akamai International B.V.

Root domain:
softpzivrubajjui.net

Whois:
1 softpzivrubajjui.net record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.RAPIDDOWN.V, PUP.Solimba.RAPIDDOWN (M), PUP.Solimba.RAPIDDOW (M), PUP.Solimba.SETUPPRO.Bundler (M), PUP.Solimba.RAPIDDOW.Bundler (M), PUP.Solimba.PortalPr (M), PUP.Solimba (M)
100.00%

MicroWorld eScan
Gen:Variant.Zusy.78149
6.25%

Malwarebytes
PUP.Optional.BundleInstaller.A
6.25%

NANO AntiVirus
Trojan.Win32.Morstar.creklv
6.25%

avast!
Win32:Rapiddown-A [PUP]
6.25%

Kaspersky
not-a-virus:Downloader.Win32.Morstar
6.25%

Bitdefender
Gen:Variant.Zusy.78149
6.25%

Lavasoft Ad-Aware
Gen:Variant.Zusy.78149
6.25%

Sophos
Solimba Installer
6.25%

Comodo Security
Application.Win32.Bechiro.BCD
6.25%

F-Secure
Gen:Variant.Zusy.78149
6.25%

Dr.Web
Trojan.DownLoader11.3206
6.25%

VIPRE Antivirus
Trojan.Win32.Generic
6.25%

Avira AntiVirus
TR/Dropper.Gen
6.25%

Emsisoft Anti-Malware
Gen:Variant.Zusy.78149
6.25%

The domain dl.softpzivrubajjui.net has been seen to resolve to the following 2 IP addresses.

23.67.243.74
January 10, 2014

23.67.243.88
January 10, 2014

File downloads found at URLs served by dl.softpzivrubajjui.net.

1 / 68      (Adware)
http://dl.softpzivrubajjui.net/n/3.0.26.2/.../apple itunes.exe  (59b7d92b40380276878d69429ddd1373)

1 / 68      (Adware)
http://dl.softpzivrubajjui.net/n/3.0.26.2/.../Caja.exe  (5c197a95b9e053be554ca268b15fa6c5)

1 / 68      (Adware)
http://dl.softpzivrubajjui.net/n/.../FLV_Media_Player.exe  (24ccf6e457cb8847c1190daa42bf0403)

1 / 68      (Adware)
http://dl.softpzivrubajjui.net/n/.../FLV_Media_Player.exe  (0564479305e565cf36dafac46cf9e939)

1 / 68      (Adware)
http://dl.softpzivrubajjui.net/n/.../FLV_Media_Player.exe  (b1b947d84f2b67c3109df30cdb1787a2)

1 / 68      (Adware)
http://dl.softpzivrubajjui.net/n/3.0.26.2/.../Plants vs Zombies.exe  (09df77dead2726a40e13ec40a2853afd)

1 / 68      (Adware)
http://dl.softpzivrubajjui.net/n/.../FLV_Media_Player.exe  (5224567d6e1844aca3b871cb70a6b505)

1 / 68      (Adware)
http://dl.softpzivrubajjui.net/n/3.0.26.2/.../Antivirus.exe  (a6ca564fb56ff4e6b6edcef3e15d1c10)

1 / 68      (Adware)
http://dl.softpzivrubajjui.net/n/3.0.26.2/.../Malwarebytes Anti-Malware.exe  (31ef2b1c5c3c00b958d80c3a1d9df4a1)

1 / 68      (Adware)
http://dl.softpzivrubajjui.net/n/3.0.26.2/.../Outlook Express.exe  (9d04d89f2e8fefc8638bf6fbb2ed9a4f)

1 / 68      (Adware)
http://dl.softpzivrubajjui.net/n/3.0.26.2/.../Adobe Photoshop.exe  (3c8527903034c52dddf8032bf06da0a5)

1 / 68      (Adware)
http://dl.softpzivrubajjui.net/n/.../FLV_Media_Player.exe  (5ec4c947029117ec35ff8d54b62c81c9)

1 / 68      (Adware)
http://dl.softpzivrubajjui.net/n/.../FLVMPlayer.exe  (59ae3281d9b98d0818b76d257d97e669)

1 / 68      (Adware)
http://dl.softpzivrubajjui.net/n/.../FLV_Media_Player.exe  (14855960bb42b7fc85114cfe286402d8)

1 / 68      (Adware)
http://dl.softpzivrubajjui.net/n/3.0.26.2/.../Sequel.exe  (4b299f6e228650ea8ac3dde9124caf85)

24 / 68    (Adware)
http://dl.softpzivrubajjui.net/n/3.0.26.2/.../Adobe Flash Player 11.exe  (f6ce40873ea88a959f3ab0ff6d168f58)

The following 99 files have been seen to comunicate with dl.softpzivrubajjui.net in live environments.

TCP » 23.67.243.74:80
fdmaiibbjfpbfhdcljpomaaaclbjdmcg.crx

TCP » 23.67.243.74:80
dljdpmdnkpjdhfkjkcdacjdmpcbpojlc.crx

TCP » 23.67.243.74:80
mnchmgjekkgjikkffmbglijobonbmaan.crx

TCP » 23.67.243.74:80
bkhdmnkphakkjhahkddegalcnilmbdmn.crx

TCP » 23.67.243.74:80
blfhibbjlemchbkeakalepkbadfjlbgg.crx

TCP » 23.67.243.74:80
pmnnomhnpajkdgjpgffnphooamboiogk.crx

TCP » 23.67.243.74:80
jikhlipicfehaajalpggcnleligieome.crx

TCP » 23.67.243.74:80
pmnnomhnpajkdgjpgffnphooamboiogk.crx

TCP » 23.67.243.74:80
dljdpmdnkpjdhfkjkcdacjdmpcbpojlc.crx

TCP » 23.67.243.74:80
pmnnomhnpajkdgjpgffnphooamboiogk.crx

TCP » 23.67.243.74:80
kifafadhaonpfpdepdjmdmcgmnjieenj.crx

TCP » 23.67.243.74:80
npgojbamphcbinjnaeahgiodndleamoi.crx

TCP » 23.67.243.74:80
fpgilnmccbcifjmoflbcpghenbaoijjg.crx

TCP » 23.67.243.74:80
elnbghjcbkkgnblhkbledaeodjobhpdi.crx

TCP » 23.67.243.74:80
dllpkaflklfeganidmkcpbmjafjbammo.crx

TCP » 23.67.243.74:80
dljdpmdnkpjdhfkjkcdacjdmpcbpojlc.crx

TCP » 23.67.243.74:80
gflpcjeoeocanhomdojchhdmmidhgake.crx

TCP » 23.67.243.74:80
jcphgdhhhanklackkfibjojedcnlfphc.crx

TCP » 23.67.243.74:80
jafdhfefnpggpfeebmpkfjfikpiepgjo.crx

TCP » 23.67.243.74:80
ncldlihhcndflhlbabhdcddcepnioldd.crx

 
Latest 20 of 101 files

URL:
http://dl.softpzivrubajjui.net/

Web server:
nginx (PHP/5.3.10-1ubuntu3.8)

Alexa:
Global rank:  876,532
Backlinks:  25

Statistics are for the previous month (Alexa statistics are for entire softpzivrubajjui.net).

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.