home

gerenciador.nznja.com.br

Financeiro GrupoNZN

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Server location:
Virginia, United States (US)

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Root domain:
nznja.com.br

Whois:
1 nznja.com.br record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
(M), PUP.Optional.DsNET.Atube.Installer.Meta, PUP.NoZebraNetworka.i, PUP.NoZebraNetworka.f, PUP.NoZebraNetworka.p, PUP.NoZebraNetworka.EE, PUP.installCore.NoZebraNetworka (M), PUP.installCore.NoZebraN (M)
100.00%

ESET NOD32
Win32/Bundled.Toolbar.Ask (variant), Win32/InstallCore.PL (variant)
63.64%

Malwarebytes
PUP.Optional.Installcore
59.09%

K7 AntiVirus
Unwanted-Program
59.09%

VIPRE Antivirus
Trojan.Win32.Generic, InstallCore
59.09%

AVG
Generic
59.09%

F-Prot
W32/InstallCore.AC.gen
54.55%

Baidu Antivirus
Adware.Win32.InstallCore
54.55%

McAfee
Artemis!36C792CD955B, Artemis!ACA28E362058, Artemis!8E26972909D7, Artemis!0BFBA468420E, Artemis!9D643D9D3462
45.45%

herdProtect (fuzzy)
a variant of 733e67e75bfc1ec57a56e79c4439c16bebb2828d, a variant of 391088a0216a4d370530517f2669087318a1b0d1, a variant of 96dee2b736096f4ddab834339fa75db977840aa1
31.82%

Rising Antivirus
PE:Trojan.Win32.Generic.174A015C!390725980, PE:Trojan.Win32.Generic.17768D74!393645428
13.64%

Avira AntiVirus
Adware/InstallCore.ZR, ADWARE/InstallCore.Gen9
9.09%

Trend Micro House Call
Suspicious_GEN.F47V0927
4.55%

Comodo Security
ApplicUnwnt
4.55%

Dr.Web
Trojan.InstallCore.11
4.55%

The domain gerenciador.nznja.com.br has been seen to resolve to the following 16 IP addresses.

52.200.144.193
ec2-52-200-144-193.compute-1.amazonaws.com
May 16, 2016

52.87.143.249
ec2-52-87-143-249.compute-1.amazonaws.com
April 17, 2016

54.86.116.226
ec2-54-86-116-226.compute-1.amazonaws.com
April 14, 2016

52.7.52.225
ec2-52-7-52-225.compute-1.amazonaws.com
April 5, 2016

52.2.172.241
ec2-52-2-172-241.compute-1.amazonaws.com
April 5, 2016

52.200.69.248
ec2-52-200-69-248.compute-1.amazonaws.com
April 4, 2016

54.165.17.118
ec2-54-165-17-118.compute-1.amazonaws.com
April 4, 2016

52.72.175.12
ec2-52-72-175-12.compute-1.amazonaws.com
February 22, 2016

54.86.244.182
ec2-54-86-244-182.compute-1.amazonaws.com
January 28, 2016

54.88.180.217
ec2-54-88-180-217.compute-1.amazonaws.com
January 28, 2016

54.173.186.158
ec2-54-173-186-158.compute-1.amazonaws.com
May 4, 2015

52.0.8.14
ec2-52-0-8-14.compute-1.amazonaws.com
May 4, 2015

54.210.182.155
ec2-54-210-182-155.compute-1.amazonaws.com
October 9, 2014

54.165.220.75
ec2-54-165-220-75.compute-1.amazonaws.com
October 9, 2014

54.86.65.100
ec2-54-86-65-100.compute-1.amazonaws.com
September 30, 2014

107.21.40.120
ec2-107-21-40-120.compute-1.amazonaws.com
September 30, 2014

File downloads found at URLs served by gerenciador.nznja.com.br.

8 / 68      (Adware)
http://gerenciador.nznja.com.br/nocache/programas/urls/iron/.../utorrent-65-21-4102982.exe  (utorrent-3-4-2-build-34309-32-bits.exe)

10 / 68    (Adware)
http://gerenciador.nznja.com.br/nocache/programas/urls/iron/.../ccleaner-4-31-4102982.exe  (ccleaner-4-18-4842-32-bits.exe)

1 / 68      (Adware)
http://gerenciador.nznja.com.br/nocache/programas/urls/iron/.../vroot-85-21-4102982.exe  (vroot-1-7-3-32-bits.exe)

10 / 68    (Adware)
http://gerenciador.nznja.com.br/nocache/programas/urls/iron/.../windows-movie-maker-15-71-4102982.exe  (windows-movie-maker-2012-16-4-3522-0110-32-bits.exe)

1 / 68      (Adware)
http://gerenciador.nznja.com.br/nocache/programas/urls/iron/.../camtasia-studio-84-91-4102982.exe  (icreinstall_camtasia-studio-8-4-3-build-1792-32-bits.exe)

1 / 68      (Adware)
http://gerenciador.nznja.com.br/nocache/programas/urls/iron/.../airy-video-converter-21-41-4102982.exe  (airy-video-converter-6-2-1-32-bits.exe)

9 / 68      (Adware)
http://gerenciador.nznja.com.br/nocache/programas/urls/iron/.../volvo-the-game-11-41-4102982.exe  (icreinstall_volvo-the-game-1-0-32-bits.exe)

11 / 68    (Adware)
http://gerenciador.nznja.com.br/nocache/programas/urls/iron/.../atube-catcher-94-01-4102982.exe  (atube-catcher-3-8-7980-32-bits.exe)

1 / 68      (Adware)
http://gerenciador.nznja.com.br/nocache/programas/urls/iron/.../free-video-to-audio-converter-24-4-4102992.exe  (free-video-to-audio-converter-2014-4-6-1-32-bits.exe)

10 / 68    (Adware)
http://gerenciador.nznja.com.br/nocache/programas/urls/iron/.../baixar-musicas-gratis-44-81-4102982.exe  (baixar-musicas-gratis-3-8-0-32-bits.exe)

1 / 68      (Malware)
http://gerenciador.nznja.com.br/nocache/programas/urls/iron/.../ares-galaxy-83-21-4102982.exe  (aresregular230_installer.exe)

15 / 68    (Adware)
http://gerenciador.nznja.com.br/nocache/programas/urls/iron/.../ares-galaxy-04-21-4102982.exe  (ares-galaxy-2-3-0-3054-32-bits.exe)

1 / 68      (Adware)
http://gerenciador.nznja.com.br/nocache/programas/urls/iron/.../winzip-33-81-4102982.exe  (winzip-18-5-build-11111-32-bits.exe)

2 / 68      (PUP)
http://gerenciador.nznja.com.br/nocache/programas/urls/iron/.../atube-catcher-43-61-4102982.exe  (atubecatcher.exe)

11 / 68    (Adware)
http://gerenciador.nznja.com.br/nocache/programas/urls/iron/.../atube-catcher-23-61-4102982.exe  (atube-catcher-3-8-7980-32-bits.exe)

1 / 68      (Adware)
http://gerenciador.nznja.com.br/nocache/programas/urls/iron/.../project64-44-51-4102982.exe  (project64-2-1-32-bits.exe)

1 / 68      (Adware)
http://gerenciador.nznja.com.br/nocache/programas/urls/iron/.../harry-potter-e-a-camara-secreta-25-41-4102982.exe  (harry-potter-e-a-camara-secreta-32-bits.exe)

8 / 68      (Adware)
http://gerenciador.nznja.com.br/nocache/programas/urls/iron/.../coreldraw-graphics-suite-75-31-4102982.exe  (coreldraw-graphics-suite-x7-32-bits.exe)

8 / 68      (Adware)
http://gerenciador.nznja.com.br/nocache/programas/urls/iron/.../bitcomet-91-31-4102982.exe  (bitcomet-1-37-32-bits.exe)

10 / 68    (Adware)
http://gerenciador.nznja.com.br/nocache/programas/urls/iron/.../free-youtube-download-71-21-4102982.exe  (free-youtube-download-3-2-44-820-32-bits.exe)

10 / 68    (Adware)
http://gerenciador.nznja.com.br/nocache/programas/urls/iron/.../vlc-media-player-71-02-4102982.exe  (vlc-media-player-2-1-5-32-bits.exe)

10 / 68    (Adware)
http://gerenciador.nznja.com.br/nocache/programas/urls/iron/.../daemon-tools-lite-92-61-4102982.exe  (daemon-tools-lite-4-49-1-0356-32-bits.exe)

10 / 68    (Adware)
http://gerenciador.nznja.com.br/nocache/programas/urls/iron/.../pcsx2-7-61-4102982.exe  (pcsx2-1-2-1-32-bits.exe)

URL:
http://gerenciador.nznja.com.br/

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
Microsoft-HTTPAPI/2.0

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.