perf.behaviorpanel.com

Grupo Isec S.L.

Domain Information

The domain perf.behaviorpanel.com, registered by Grupo Isec S.L., was first registered in April 2014 through OVH. The domain is currently known to host various forms of malware. The hosting servers are located in Roubaix, Nord-Pas-De-Calais, France, on the RIPE Network Coordination Centre network.

Registrar: OVH
Server location: Nord-Pas-De-Calais, France (FR)
Create date: Friday, April 18, 2014
Expires date: Tuesday, April 18, 2017
Updated date: Sunday, April 3, 2016
ASN: AS16276 OVH OVH SAS,FR
Root domain:
Scanner detections: Malware distribution (83% detected)

Scan engine | Details | Detections
K7 AntiVirus | Trojan, Riskware | 100.00%
avast! | Win32:Malware-gen | 100.00%
Kaspersky | Trojan-Dropper.Win32.Injector, Trojan-Downloader.Win32.Genome, Trojan.Win32.Pincav | 100.00%
Trend Micro | TROJ_GEN.R028C0DG215, TROJ_GEN.R08NC0EF115, TROJ_DYER.BMC, TROJ_GEN.R028C0DFT15 | 100.00%
Sophos | Mal/Generic-S | 100.00%
Avira AntiVirus | TR/Dropper.Gen, TR/Dldr.Megone.140164, DR/AutoIt.Gen | 100.00%
McAfee | Artemis!E9A8F1492AB5, Artemis!E67071769529, Artemis!9618C6B65745, Artemis!EB6710CEAEF1, Artemis!DE23C96B36A9 | 100.00%
Panda Antivirus | Trj/CI.A | 100.00%
Qihoo 360 Security | HEUR/QVM10.1.Malware.Gen, Win32/Trojan.Downloader.6ff | 100.00%
MicroWorld eScan | AIT:Trojan.Autoit.CLH, Trojan.Generic.14630398 | 80.00%
nProtect | AIT:Trojan.Autoit.CLH, Trojan.Generic.14630398 | 80.00%
Quick Heal | TrojanPWS.AutoIt.Zbot.S, TrojanPWS.AutoIt.Zbot.F | 80.00%
VIPRE Antivirus | Trojan.Win32.Generic | 80.00%
ESET NOD32 | Win32/TrojanDropper.Autoit.JU (variant) | 80.00%
Bitdefender | AIT:Trojan.Autoit.CLH, Trojan.Generic.14630398 | 80.00%

The domain perf.behaviorpanel.com has been seen to resolve to the following IP address.

cluster007.ovh.net
March 4, 2016

File downloads found at URLs served by perf.behaviorpanel.com.

27 / 68    (Malware)
http://perf.behaviorpanel.com/?q=uTorrent32-64bits.exe  (de23c96b36a98b36f38a279bbef6806f)

0 / 68
http://perf.behaviorpanel.com/?q=uTorrent32-64bits.exe  (67003a06eda042969807e65a7a677738)

30 / 68    (Malware)

30 / 68    (Malware)

29 / 68    (Malware)

14 / 68    (PUP)

The following 3 files have been seen to communicate with perf.behaviorpanel.com in live environments.

URL: http://perf.behaviorpanel.com/
Web server: Apache