home

sexysiljenkki.iantayloryciasa.cl

Domain Information

Server location:
Northern Ireland, United Kingdom (GB)

Root domain:
iantayloryciasa.cl

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.Installer.M, PUP.InstallMonster.CORLEONGROUP (M)
100.00%

The domain sexysiljenkki.iantayloryciasa.cl has been seen to resolve to the following IP address.

92.242.140.21
unallocated.barefruit.co.uk
May 4, 2015

File downloads found at URLs served by sexysiljenkki.iantayloryciasa.cl.

1 / 68      (Adware)
http://sexysiljenkki.iantayloryciasa.cl/li/rapidfiles/go.php?sid=377713&cid=34&link=http://kusojob.com/.../?sid=4331&url=http://greepusk.com/.../MaxTorrent.exe&name=t5235.torrent.exe&type=disk&size=612311&sub_id=377713  (9daa8b53394243027e5cecaba0d9223c)

1 / 68      (PUP)
http://sexysiljenkki.iantayloryciasa.cl/li/rapidfiles/go.php?sid=53170&cid=32&link=http://kusojob.com/.../?sid=4329&url=http://poluchilson.com/.../MaxTorrent.exe&name=t5235.torrent.exe&type=disk&size=612311&sub_id=53170  (2bf5cc19229ebd2cc78f2823172f5862)

The following 230 files have been seen to comunicate with sexysiljenkki.iantayloryciasa.cl in live environments.

TCP » 92.242.140.21:80
smelled.exe (Smelled)

TCP » 92.242.140.21:443
dca-monitoring.exe (Compete DCA Monitoring Tool by Compete)

TCP » 92.242.140.21:80
marini.exe (Marini)

TCP » 92.242.140.21:443
client.exe (ClientWrapper)

TCP » 92.242.140.21:80
thebrowser.exe (TheBrowser by Goobzo)

TCP » 92.242.140.21:443
dca-monitoring.exe (Compete DCA Monitoring Tool by Compete)

TCP » 92.242.140.21:443
WindowService.exe (WindowService)

TCP » 92.242.140.21:443
ciuninstall.exe

TCP » 92.242.140.21:1866
jutched.exe

TCP » 92.242.140.21:443
dca-monitoring.exe (Compete DCA Monitoring Tool by Compete)

TCP » 92.242.140.21:80
masterupdater.exe

TCP » 92.242.140.21:80
pricemeterexpress.crx

TCP » 92.242.140.21:80
chrome.crx

TCP » 92.242.140.21:80
app-center.crx

TCP » 92.242.140.21:80
ntp.crx

TCP » 92.242.140.21:80
3dayinvite.crx

TCP » 92.242.140.21:80
twitter.crx

TCP » 92.242.140.21:80
viewlater.crx

TCP » 92.242.140.21:80
rss.crx

TCP » 92.242.140.21:80
datapump.crx

 
Latest 20 of 230 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.