home

silu74663zoqu.kijureayujoqof.info

Domain Information

Server location:
Madrid, Spain (ES)

ASN:
AS45037 HISPAWEB-NETWORK Propelin Consulting S.L.U.,ES

Root domain:
kijureayujoqof.info

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.OnekitInternet.Bundler (M)
100.00%

The domain silu74663zoqu.kijureayujoqof.info has been seen to resolve to the following 3 IP addresses.

109.70.129.198
July 23, 2016

185.47.13.82
July 23, 2016

109.70.130.155
155.130.70.109.factoriadigital.com
July 23, 2016

File downloads found at URLs served by silu74663zoqu.kijureayujoqof.info.

1 / 68      (Adware)
http://silu74663zoqu.kijureayujoqof.info/.../download?p=mavmed&trckid=M_2702600840358e9aa9ca1427331305&ref=clickater.com&tid=JEC1152_SoypjKEZxm-PZjPBTZtHut  (installer_adobe_flash_player_french.exe)

The following 5 files have been seen to comunicate with silu74663zoqu.kijureayujoqof.info in live environments.

TCP » 109.70.130.155:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 109.70.130.155:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 109.70.130.155:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 109.70.130.155:80
cyberclient.exe (CyberPlanet by Proyecto Redes)

TCP » 109.70.130.155:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.