home

malhafinaassistencia.com

Repossessed by Go Daddy

Domain Information

The domain malhafinaassistencia.com registered by Repossessed by Go Daddy was initially registered in August of 2015 through GODADDY.COM, LLC. Currently this domain has been known to host various forms of malware. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Saturday, August 15, 2015

Expires date:
Monday, August 15, 2016

Updated date:
Friday, October 2, 2015

Whois:
1 malhafinaassistencia.com record

Scanner detections:
Malware distribution  (100% detected)

Scan engine
Details
Detections

Kaspersky
Backdoor.Java.Agent, Trojan-Ransom.Win32.Blocker
100.00%

Avira AntiVirus
DR/Mkar.E.3
50.00%

Panda Antivirus
Generic Suspicious
50.00%

Baidu Antivirus
Backdoor.Java.Agent
50.00%

Microsoft Security Essentials
Threat.Undefined
50.00%

McAfee
Trojan.Artemis!4EBCD57AA485
50.00%

Emsisoft Anti-Malware
Gen:Variant.Strictor.95148
50.00%

ESET NOD32
MSIL/TrojanDownloader.Banload.EQ trojan
50.00%

F-Secure
Variant.Strictor.95148
50.00%

avast!
Win32:Dropper-gen [Drp]
50.00%

Norman
Gen:Variant.Strictor.95148
50.00%

Lavasoft Ad-Aware
Gen:Variant.Strictor.95148
50.00%

The domain malhafinaassistencia.com has been seen to resolve to the following IP address.

50.63.202.43
ip-50-63-202-43.ip.secureserver.net
March 4, 2016

File downloads found at URLs served by malhafinaassistencia.com.

9 / 68      (Malware)
http://malhafinaassistencia.com/  (receita_0.0.3.exe)

4 / 68      (Malware)
http://malhafinaassistencia.com/  (receitanet-10.17.exe)

The following 5 files have been seen to comunicate with malhafinaassistencia.com in live environments.

TCP » 50.63.202.43:80
online-guardian-v2.0.9.exe

TCP » 50.63.202.43:80
ContentFinder.exe (ContentFinder by DigitalSoftware Group)

TCP » 50.63.202.43:80
ContentFinder.exe (ContentFinder by ContentFinder Software)

TCP » 50.63.202.43:80
ContentFinder.exe (ContentFinder by ContentFinder Company)

TCP » 50.63.202.43:80
produpd.exe (produpd.exe by Vested Development, Inc)

URL:
http://malhafinaassistencia.com/

Web server:
Microsoft-IIS/7.5 (ASP.NET) (Version: 4.0.30319)

0112online.info

0125b.info

2secondsfiles.net

beginvac.info

chipcontact.info

circuitspeech.info

decidemanager.com

defianceportal.info

devbitrack.com

discdispatch.info

dominionplatform.info

down0101tech.info

downloadeigiesoquahv.com

electronicswiki.info

ez-download.com

fdg345.org

fenserka.com

forkmanager.com

get1993desk.com

hindivideosongsdownloadfree.com

inforeceita.com

kabah.info

mango-download.com

media1987static.com

mediaconvertdownload.com

mintbasic.info

newelume.com

newharyanvisongs.in

newplaystore.com

nmsgv.us

30 of 38 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.