» f.cl.ly
Overview
Analysis
IPs Addresses (2)
Downloads (3)
Network (1)

f.cl.ly

Domain Information

Server location:

Virginia, United States (US)

ASN:

AS16509 AMAZON-02 - Amazon.com, Inc.,US

Scanner detections:

Malware distribution (67% detected)

Scan engine

Details

Detections

nProtect

Trojan/W32.HackTool.1385984.B, Backdoor.Shell.AC

100.00%

McAfee

Artemis!FD97948196D1, Swrort.i

100.00%

Malwarebytes

Hacktool.Kiser, Backdoor.Bot.gen

100.00%

K7 AntiVirus

Riskware , Backdoor

100.00%

NANO AntiVirus

Trojan.Win32.Kiser.crocae, Trojan.Win32.Swrort.uhpfc

100.00%

Norman

Suspicious_Gen4.EXVFL, Swrort.S

100.00%

Trend Micro House Call

HKTL_KISER, Suspicious_GEN.F47V1203

100.00%

Kaspersky

HackTool.Win32.Kiser, HEUR:Backdoor.Win32.Generic

100.00%

Agnitum Outpost

HackTool.Kiser, Trojan.Rosena.Gen.1

100.00%

Comodo Security

ApplicUnwnt.Win32.HackTool.Kiser.A, TrojWare.Win32.Rozena.A

100.00%

VIPRE Antivirus

Trojan.Win32.Generic, Trojan.Win32.Swrort.B

100.00%

Trend Micro

HKTL_KISER, TROJ_SWRORT.SMCA

100.00%

Sophos

Generic PUA HI, Mal/Swrort-C

100.00%

Baidu Antivirus

HackTool.Win32.Kiser, Backdoor.Win32.Generic

100.00%

Rising Antivirus

PE:Trojan.Win32.Generic.15A975D8!363427288, PE:HackTool.Swrort!1.6477

100.00%

The domain f.cl.ly has been seen to resolve to the following 2 IP addresses.

54.231.34.73

s3-1-w.amazonaws.com

February 10, 2016

54.231.0.153

s3-1-w.amazonaws.com

January 4, 2015

File downloads found at URLs served by f.cl.ly.

0 / 68

http://f.cl.ly/items/.../WebHelper_InstallDownload_1143.exe (8bfbfb022491e6ca6aa1a4fb26b83585)

22 / 68 (PUP)

http://f.cl.ly/items/.../KRT_2.1.exe (fd97948196d18c87f46d52ba612ed743)

33 / 68 (Malware)

http://f.cl.ly/items/.../Airdrop.exe (a23800f1c1d6259a861f2d9f7e229e4d)

The following file have been seen to comunicate with f.cl.ly in live environments.

TCP » 54.231.0.153:80

new_chrome.exe (Google Chrome by Google)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.