lib.software-upgrade.org

DHACop Lab

Domain Information

The hosting servers are located in Dallas, Texas, United States, on the SoftLayer Technologies Inc. network.
Registrar:
Name.com, LLC

Server location:
Texas, United States (US)

ASN:
AS36351 SOFTLAYER - SoftLayer Technologies Inc.,US

Google Safe Browsing:
unwanted

Scan engine             Details                                       Detections
Avira AntiVirus         TR/ATRAPS.Gen, TR/Spy.Agent.3518464.1         100.00%
McAfee                  Artemis!84CE4AE4A845, Artemis!DA2F6EBE9DD7    100.00%
IKARUS anti.virus       Trojan.ATRAPS                                 50.00%
Qihoo 360 Security      HEUR/QVM05.1.Malware.Gen                      50.00%
MicroWorld eScan        Gen:Trojan.Heur.wV0@raI3JQdi                  50.00%
Arcabit                 Trojan.Heur.E3C3C8                            50.00%
avast!                  Win32:Malware-gen                             50.00%
Bitdefender             Gen:Trojan.Heur.wV0@raI3JQdi                  50.00%
Lavasoft Ad-Aware       Gen:Trojan.Heur.wV0@raI3JQdi                  50.00%
Emsisoft Anti-Malware   Gen:Trojan.Heur.wV0@raI3JQdi                  50.00%
F-Secure                Trojan.Heur.wV0@raI3JQdi                      50.00%
VIPRE Antivirus         Trojan.Win32.Generic                          50.00%
Trend Micro             TROJ_GEN.R047C0OJF15                          50.00%
G Data                  Gen:Trojan.Heur.wV0@raI3JQdi                  50.00%
AVG                     Generic14_c                                   50.00%

The domain lib.software-upgrade.org has been seen to resolve to the following IP address.

50.22.123.186-static.reverse.softlayer.com
February 22, 2016

File downloads found at URLs served by lib.software-upgrade.org.

15 / 68    (Malware)

0 / 68
http://lib.software-upgrade.org/flashplayer_chrome.exe  (install_flash_player_16_plugin.exe)

4 / 68      (inconclusive)
http://lib.software-upgrade.org/flashinstall.exe  (flashplayerwin10_ver_337.exe)

The following 8 files have been seen to communicate with lib.software-upgrade.org in live environments.

URL:
http://lib.software-upgrade.org/

Web server:
Microsoft-IIS/8.0 (ASP.NET)