home

fabulous-wealth2d3fd5.com

Whois Privacy Corp.

Domain Information

The domain fabulous-wealth2d3fd5.com registered by Whois Privacy Corp. was initially registered in October of 2014 through INTERNET.BS CORP.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
INTERNET.BS CORP.

Server location:
Virginia, United States (US)

Create date:
Tuesday, October 14, 2014

Expires date:
Wednesday, October 14, 2015

Updated date:
Tuesday, October 14, 2014

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Whois:
1 fabulous-wealth2d3fd5.com record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

avast!
Win32:Adware-gen [Adw], Win32:Rootkit-gen [Rtk], Win32:PUP-gen [PUP]
100.00%

Dr.Web
Trojan.DownLoader11.40661, Trojan.DownLoader11.49526, Trojan.iBryte.80, Trojan.DownLoader11.38636
100.00%

VIPRE Antivirus
Threat.4778314, Optimum Installer
100.00%

Malwarebytes
PUP.Optional.Fusion.A, PUP.Optional.Ibryte
100.00%

F-Prot
W32/A-a0e3427e, W32/A-2b3be3da, W32/A-c255719d
100.00%

Kaspersky
Trojan-Downloader.Win32.Genome, not-a-virus:AdWare.Win32.iBryte
100.00%

NANO AntiVirus
Trojan.Win32.Genome.diihrk, Trojan.Win32.Badur.dhhunu, Trojan.Win32.DownLoad3.dfwgta
100.00%

Comodo Security
Application.Win32.IBryte.BM, Application.Win32.AgentCV.HWYE
100.00%

Avira AntiVirus
ADWARE/Adware.Gen7, ADWARE/iBryte.Gen7, TR/Kazy.439479.2
100.00%

G Data
Win32.Adware.IBryte, Gen:Variant.Kazy.439479
100.00%

AhnLab V3 Security
PUP/Win32.Eorezo, Adware/Win32.IBryte, PUP/Win32.IBryte
100.00%

Panda Antivirus
Trj/Genetic.gen
100.00%

AVG
AdPlugin, Found Win32/DH{gRKBEyAlflCBB3lUTxVRgQkcU04}, Adware AdPlugin
100.00%

Reason Heuristics
PUP.Installer.OverallMedia.U, PUP.Installer.TigerDownload.U, PUP.Bundler.Adknowledge
100.00%

K7 AntiVirus
Unwanted-Program
100.00%

The domain fabulous-wealth2d3fd5.com has been seen to resolve to the following 4 IP addresses.

54.243.56.153
ec2-54-243-56-153.compute-1.amazonaws.com
May 3, 2015

23.21.251.147
ec2-23-21-251-147.compute-1.amazonaws.com
May 3, 2015

54.243.226.39
ec2-54-243-226-39.compute-1.amazonaws.com
December 25, 2014

50.19.213.188
ec2-50-19-213-188.compute-1.amazonaws.com
December 25, 2014

File downloads found at URLs served by fabulous-wealth2d3fd5.com.

42 / 68    (Adware)
http://fabulous-wealth2d3fd5.com/track/send?context=rKzwUDLgeQttQ9PYeYCid2Z7y5EjEPoPYhs9kVK03kW/Lduz/VZdRjB8em9sKAjOb2iMx1XqqpC651YFchwTkSRqRguLIO1Mb0roHHkCVgdod/uHsP/xu3y9knbxdQ/QFTGQ/coIdUB2G2/tT/EcMl/bo5 LGR2euf9de5utoozsg0aZSe3ui14lverD qOzuuRNOTiuqLwZY5QOE QWl WXDD xIPsd0WujWa5ePlTnMhqKXNPwFYvgce0aH3hcTEwwfCr/6zC3NQ QeU7qz4D0KH0JZdEVKaccaBLzyIyvCz9XhNPwiyO37fqbNNeD9AXtojkdQy9J6DWKyKxsMdeGdBAlHLX4y/RrSZxc6pdagbRiIlDQuSQILRDMrQLbj/.../mBc18dQ==  (flashplayerpro_setup.exe)

42 / 68    (Adware)
http://fabulous-wealth2d3fd5.com/.../serve?c=marimedia&s=marimedia_lightspark-us-ddl-cpa&ce_cid=lax1CLLGpqipoNTUdxACGIDQ69TZm6_eWiIOMTA0LjMzLjExNi4xNzcoATCT47miBQ..  (flashplayerpro_setup.exe)

40 / 68    (Adware)
http://fabulous-wealth2d3fd5.com/track/send?context=rKzwUDLgeQttQ9PYeYCid2Z7y5EjEPoPYhs9kVK03kW/Lduz/VZdRjB8em9sKAjOb2iMx1XqqpC651YFchwTkSRqRguLIO1Mr9VfZuwpbeuH27V4s4KgaKJiIBpdTzt9USrxUhGKs4ZOssfo351YtyVPZm83WZOM3i/mCZR63nmGqjAoKVjnY8YvirInklPM3N3HXJkHV3OV8Qs0Br9XIQiYwiQoUHqJ5dSjc7jttwpowHRDl346quZku3uKoekaA578sx6x/c6xSOK59a8BK7grJHASJZUkioktjwwpI6L48LO/mZKrF7/ZRXzHoJOJTQceYRPHEd2nyHLa58DzTcmsSeD265Xk2mjLTKDoCt3RFZJeExNc8wx/.../q6l3Qx9r1PYxY=  (flashplayerpro_setup.exe)

40 / 68    (Adware)
http://fabulous-wealth2d3fd5.com/.../serve?c=marimedia&s=marimedia_lightspark-us-ddl-cpa&ce_cid=nym1CKHt1Yit6eLIfxACGI-E2MCV4cD9OyIOMTc0LjEzMC4xMy4xODMoATDokq-jBQ..  (flashplayerpro_setup.exe)

40 / 68    (Adware)
http://fabulous-wealth2d3fd5.com/track/send?context=rKzwUDLgeQttQ9PYeYCid2Z7y5EjEPoPYhs9kVK03kW/Lduz/VZdRjB8em9sKAjOb2iMx1XqqpC651YFchwTkSRqRguLIO1Mb0roHHkCVgdgxjyl8AWl3l By3yJnRoCAtViysL2jJkyH1510VqEHGgqJi PGnnbjWmu9CGmWCOiCndMWsn0bDdosgsdKTC0b5xVHqG96Z25GEJHLxSnU2ihTlXCq/eiR2JY1xRj/7xUsFM10M9EqIAmyzZMQNwxY/sng1tLeTTv0t7tY2KK6XgZXLycAv4mYOiK413Yzr2vx5XGKHIYQ HGbEIlvoj3YzuIeiz1JQymTGpcBMaPRjvlufPTuRdXeSRB0ozsyzm/.../NwWNs1W2ydy1wF6XKtCM0UkOsnttMxj6nphz45XipK7H90EvY2  (flashplayerpro_setup.exe)

40 / 68    (Adware)
http://fabulous-wealth2d3fd5.com/.../serve?c=marimedia&s=marimedia_lightspark-us-ddl-cpa&ce_cid=lax1CJvOpuzr6rfpDhACGMHLyoSKg7GhcyINNzAuMTgzLjUyLjIzMygBMLTQ_qMF  (flashplayerpro_setup.exe)

40 / 68    (Adware)
http://fabulous-wealth2d3fd5.com/track/send?context=rKzwUDLgeQttQ9PYeYCid2Z7y5EjEPoPYhs9kVK03kW/Lduz/VZdRjB8em9sKAjOb2iMx1XqqpC651YFchwTkSRqRguLIO1Mb0roHHkCVgeq4yjq9hgPtQhgoVbaL1w P00u Vi M5zvJJJTZrwCwWZzYjik3 Xl3CksQwVB87WxFliN5eE48lN9rleF6sCZmoXFOOVhpEdEq9D391ZhLuoKCmNapkW6a4KpqCAFwvT2Gh6iQvTuN45hiiQohMkn5tg2TGoL928zqx/lvQaVCpsp5L23nNjecsYXAY rlrMZGVljhuY1pPZme4OBC5utuu19zkMvxhQXfvN7GMMZNFBlspmOBcFZ Zt4XCkLia75bi68EMqyLBlN5ixHcqZe4zsdvEw pnVBdrhv2ps3Bf4RPS5KvodZAq0/g/UiTvmtGWzB1UwDIS51wWq83Vr3B0Bn3xEh6v8 7fuwLL7NytwR5N5ZUXEBwPGWmUzsOr16z7hLQjedi8Nn5/veYuz7PyQXQQn36dYJD/KdKbWh5H2SHP7CehVQDvIINmBA4TOIalJb32miUH4XbnjXYT0OZfrpiJlYXHuI5BqNCaTECJgEeIjyXxDPxYD5nhERr2OxpSR7NFBBW7mS4cTMZMoFt86q Hw6l/ZHrwnrluB30IPR1GVR4ytvibLGs0DRUFmtgd62xi6Hy29htzlaksMOGEB2UDuc5HD30LdgARcZYXWPZGL4y9h/.../AVPt FSjoJPt4VBindS  (flashplayerpro_setup.exe)

40 / 68    (Adware)
http://fabulous-wealth2d3fd5.com/.../serve?c=marimedia&s=marimedia_lightspark-us-ddl-cpa&ce_cid=lax1CJ-Kj8qbx5qFJRACGLbN986XjOWXQyIMMTczLjYwLjk3LjU3KAEw7c-FowU.  (flashplayerpro_setup.exe)

URL:
http://fabulous-wealth2d3fd5.com/

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
Microsoft-IIS/7.5 (ASP.NET) (Version: 2.0.50727)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.