home

esciagnij.pl

Domain Information

Server location:
Mazowieckie, Poland (PL)

ASN:
AS8535 AGORA Agora TC Sp.z.o.o.,PL

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

avast!
Win32:Malware-gen, Win32:PUP-gen [PUP]
50.00%

Kaspersky
not-a-virus:Downloader.Win32.Sciagnij
50.00%

Reason Heuristics
PUP.Agora.SciagNij.Meta (L), PUP.Agora.SciagNij (L), Adware.Downloader (M)
50.00%

MicroWorld eScan
Application.Downloader.YB
41.67%

McAfee
Artemis!1CE44AF153FA, Artemis!4D4A627A3736, Artemis!6E2997A3D394, Artemis!F65F0265DCAC, Trojan.Artemis!BD7AC4F0CB6A
41.67%

Arcabit
Application.Downloader.YB
41.67%

ESET NOD32
Win32/Sciagnij.A potentially unwanted (variant)
41.67%

Bitdefender
Application.Downloader.YB
41.67%

F-Secure
Application.Downloader.YB
41.67%

AhnLab V3 Security
PUP/Win32.Bundler
41.67%

G Data
Application.Downloader.YB
41.67%

Vba32 AntiVirus
Downloader.Sciagnij
41.67%

IKARUS anti.virus
PUA.Sciagnij
41.67%

Fortinet FortiGate
Riskware/Sciagnij
41.67%

Panda Antivirus
Trj/Genetic.gen
41.67%

The domain esciagnij.pl has been seen to resolve to the following IP address.

80.252.0.132
poczta.gazeta.pl
April 2, 2016

File downloads found at URLs served by esciagnij.pl.

1 / 68      (PUP)
http://esciagnij.pl/.../install.servlet?id=310921&systemId=26  (ikea_home_planner_sciagnij.pl.exe)

1 / 68      (PUP)
http://esciagnij.pl/.../install.servlet?id=10603&systemId=22  (color_style_studio_sciagnij.pl.exe)

24 / 68    (PUP)
http://esciagnij.pl/.../install.servlet?id=321862&systemId=26  (hp_4468.tmp.exe)

1 / 68      (PUP)
http://esciagnij.pl/.../install.servlet?id=317882&systemId=21  (fallout_new_vegas_spolszczenie_sciagnij.pl.exe)

1 / 68      (PUP)
http://esciagnij.pl/.../install.servlet?id=315009&systemId=21  (gta_vice_city_spolszczenie_sciagnij.pl.exe)

17 / 68    (PUP)
http://esciagnij.pl/.../install.servlet?id=10214&systemId=26  (hp_3fc9.tmp.exe)

5 / 68      (PUP)
http://esciagnij.pl/.../install.servlet?id=7189&systemId=21  (video_downloadhelper_sciagnij.pl.exe)

22 / 68    (PUP)
http://esciagnij.pl/.../install.servlet?id=10672&systemId=26  (hp_46eb.tmp.exe)

1 / 68      (PUP)
http://esciagnij.pl/.../install.servlet?id=4777&systemId=23  (rise_&_fall-_civilizations_at_war_sciagnij.pl.exe)

19 / 68    (PUP)
http://esciagnij.pl/.../install.servlet?id=317750&systemId=121  (internet_explorer_11_sciagnij.pl.exe)

1 / 68      (PUP)
http://esciagnij.pl/.../install.servlet?id=2554&systemId=21  (mario_forever_sciagnij.pl.exe)

24 / 68    (PUP)
http://esciagnij.pl/.../install.servlet?id=318649&systemId=26  (adblock_plus_sciagnij.pl.exe)

The following 4 files have been seen to comunicate with esciagnij.pl in live environments.

TCP » 80.252.0.132:80
beamrise.exe (Beamrise by The Beamrise Authors)

TCP » 80.252.0.132:80
produpd.exe (produpd.exe by Vested Development, Inc)

TCP » 80.252.0.132:80
internetenhancer.exe (Internet Enhancer)

TCP » 80.252.0.132:80
produpd.exe (produpd.exe by Vested Development, Inc)

alert24.pl

autotrader.pl

edulandia.pl

gamecorner.pl

gazetapraca.pl

moto.pl

sciagnij-24.pl

sciagnij-online.pl

sciagnij.pl

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.