home

sciagnij-online.pl

Domain Information

Server location:
Mazowieckie, Poland (PL)

ASN:
AS8535 AGORA Agora TC Sp.z.o.o.,PL

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

McAfee
Artemis!BF514221AC91, Artemis!8B6D56EEF653, Trojan.Artemis!FCF7D5AD866D, Artemis!1CE44AF153FA, Artemis!85D34B7BA371, Artemis!C03E5BBF5C6F
60.00%

avast!
Win32:Malware-gen, Win32:PUP-gen [PUP]
60.00%

Kaspersky
not-a-virus:Downloader.Win32.Sciagnij
60.00%

MicroWorld eScan
Application.Downloader.YB
50.00%

VIPRE Antivirus
Trojan.Win32.Generic
50.00%

K7 AntiVirus
Adware
50.00%

Arcabit
Application.Downloader.YB
50.00%

NANO AntiVirus
Trojan.Win32.Sciagnij.dulcfa, Trojan.Win32.Sciagnij.duybtb, Trojan.Win32.Sciagnij.dufird, Trojan.Win32.Sciagnij.duggct, Trojan.Win32.Sciagnij.dulcwo
50.00%

ESET NOD32
Win32/Sciagnij.A potentially unwanted (variant)
50.00%

Bitdefender
Application.Downloader.YB
50.00%

Agnitum Outpost
Riskware.Agent, PUA.Downloader
50.00%

Lavasoft Ad-Aware
Application.Downloader.YB
50.00%

F-Secure
Application.Downloader.YB
50.00%

Trend Micro
TROJ_GEN.R047C0EGS15, TROJ_GEN.R021C0OHK15, TROJ_GEN.R01TC0EGM15, TROJ_GEN.R031C0EGM15, TROJ_GEN.R047C0OHG15
50.00%

Sophos
Generic PUA KC (PUA), Generic PUA NG (PUA), Generic PUA FO (PUA), Generic PUA EI (PUA), Generic PUA FE (PUA)
50.00%

The domain sciagnij-online.pl has been seen to resolve to the following IP address.

80.252.0.132
poczta.gazeta.pl
October 13, 2015

File downloads found at URLs served by sciagnij-online.pl.

1 / 68      (PUP)
http://sciagnij-online.pl/.../install.servlet?id=312915&systemId=21  (outlook_express_sciagnij.pl.exe)

27 / 68    (PUP)
http://sciagnij-online.pl/.../install.servlet?id=6301&systemId=21  (counter-strike_sciagnij.pl.exe)

1 / 68      (PUP)
http://sciagnij-online.pl/.../install.servlet?id=308788&systemId=22  (pdf_to_word_converter_sciagnij.pl.exe)

1 / 68      (PUP)
http://sciagnij-online.pl/.../install.servlet?id=5169&systemId=21  (pdf_to_word_sciagnij.pl.exe)

24 / 68    (PUP)
http://sciagnij-online.pl/.../install.servlet?id=321862&systemId=26  (hp_4468.tmp.exe)

23 / 68    (PUP)
http://sciagnij-online.pl/.../install.servlet?id=13336&systemId=26  (4zul9sr5.exe)

1 / 68      (PUP)
http://sciagnij-online.pl/.../install.servlet?id=267&systemId=23  (kalkulator_odsetkowy_sciagnij.pl.exe)

23 / 68    (PUP)
http://sciagnij-online.pl/.../install.servlet?id=314323&systemId=26  (FIFA_Ultimate_Team_Sciagnij.pl.exe)

9 / 68      (PUP)
http://sciagnij-online.pl/.../install.servlet?id=310801&systemId=121  (microsoft_office_365_sciagnij.pl.exe)

25 / 68    (PUP)
http://sciagnij-online.pl/.../install.servlet?id=9133&systemId=23  (diablo_2_multiple_resolution_patch_sciagnij.pl.exe)

The following 4 files have been seen to comunicate with sciagnij-online.pl in live environments.

TCP » 80.252.0.132:80
beamrise.exe (Beamrise by The Beamrise Authors)

TCP » 80.252.0.132:80
produpd.exe (produpd.exe by Vested Development, Inc)

TCP » 80.252.0.132:80
internetenhancer.exe (Internet Enhancer)

TCP » 80.252.0.132:80
produpd.exe (produpd.exe by Vested Development, Inc)

alert24.pl

autotrader.pl

edulandia.pl

esciagnij.pl

gamecorner.pl

gazetapraca.pl

moto.pl

sciagnij-24.pl

sciagnij.pl

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.