home

sub.lakiet.info

Domain Information

Server location:
Virginia, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:
lakiet.info

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Somoto, PUP.Bundler.Somoto, PUP.Somoto.SiteonSpot.Bundler (M), PUP.Somoto.SiteonSp.Bundler (M), PUP.Somoto.Mocal.Bundler (M), Adware.Somoto.Installer.Meta (M)
92.31%

VIPRE Antivirus
Threat.4150696, Trojan.Win32.Generic
38.46%

Dr.Web
Adware.Somoto.128, Threat.Undefined
38.46%

Clam AntiVirus
Win.Adware.Somoto
38.46%

AVG
Potentially harmful program Downloader.DTV, AdLoad.R
38.46%

Quick Heal
Adware.NSIS.BetterInstaller.A
38.46%

K7 AntiVirus
Trojan
38.46%

Baidu Antivirus
Adware.Win32.Somoto
38.46%

Malwarebytes
PUP.Optional.Somoto.A
30.77%

Panda Antivirus
Trj/Genetic.gen
30.77%

ESET NOD32
Win32/Somoto.G potentially unwanted application
23.08%

Trend Micro House Call
TROJ_GEN.R0E9C0OBO15, TROJ_GEN.R0C1H07C315, TROJ_GEN.R02SH07C315
23.08%

Qihoo 360 Security
HEUR/QVM42.0.Malware.Gen
23.08%

Kaspersky
not-a-virus:Downloader.Win32.Agent
15.38%

NANO AntiVirus
Riskware.Win32.Downware.digcac
15.38%

The domain sub.lakiet.info has been seen to resolve to the following 8 IP addresses.

54.230.16.118
server-54-230-16-118.iad12.r.cloudfront.net
March 22, 2015

54.240.160.243
server-54-240-160-243.iad12.r.cloudfront.net
March 22, 2015

54.240.160.39
server-54-240-160-39.iad12.r.cloudfront.net
March 22, 2015

54.230.19.194
server-54-230-19-194.iad12.r.cloudfront.net
March 22, 2015

54.230.19.99
server-54-230-19-99.iad12.r.cloudfront.net
March 22, 2015

54.230.18.167
server-54-230-18-167.iad12.r.cloudfront.net
March 22, 2015

54.230.17.229
server-54-230-17-229.iad12.r.cloudfront.net
March 22, 2015

54.230.17.151
server-54-230-17-151.iad12.r.cloudfront.net
March 22, 2015

File downloads found at URLs served by sub.lakiet.info.

1 / 68      (PUP)
http://sub.lakiet.info/Nd6vjdTpu11e15fdd0cac1e5c4c226d9ae1dd046a07qetTEMV56YToyOntzOjI6InRzIjtpOjE0MjU0MDMzNTI7czoxOiJmIjtzOjcyOiIvaG9tZS93d3cvYXNzZXRzL2JldHRlcl9pbnN0YWxsZXIvaW5zdGFsbGVycy9jbGkvc2V0dXBfMTQyNTMxMjI1NTcwMC5leGUiO30=  (filedownloaded20successfully_downloader-nd6vjdtpu.exe)

1 / 68      (Adware)
http://sub.lakiet.info/N4G2NlywL4e9144cc63d6ce476037a2482e58602e0xmMgOafz89YToyOntzOjI6InRzIjtpOjE0MjUzNzc5MDc7czoxOiJmIjtzOjcyOiIvaG9tZS93d3cvYXNzZXRzL2JldHRlcl9pbnN0YWxsZXIvaW5zdGFsbGVycy9jbGkvc2V0dXBfMTQyNTM3NjkzODUwMy5leGUiO30=  (freezip_downloader-n4g2nlywl.exe)

1 / 68      (Adware)
http://sub.lakiet.info/N2KYJrYfN07831e109676d368f210da467d6f9cc30HQnbZKh4v3YToyOntzOjI6InRzIjtpOjE0MjU0NzMyNDc7czoxOiJmIjtzOjcyOiIvaG9tZS93d3cvYXNzZXRzL2JldHRlcl9pbnN0YWxsZXIvaW5zdGFsbGVycy9jbGkvc2V0dXBfMTQyNTQ3MDU0Njk2My5leGUiO30=  (igncartefrancefrenchdvdrip2015_downloader-n2kyjryfn.exe)

1 / 68      (Adware)
http://sub.lakiet.info/N3s2xkpdO392e9700f133325b68dce85e0ccd3eb50qsZwE2losuYToyOntzOjI6InRzIjtpOjE0MjU0MzU2NTU7czoxOiJmIjtzOjcyOiIvaG9tZS93d3cvYXNzZXRzL2JldHRlcl9pbnN0YWxsZXIvaW5zdGFsbGVycy9jbGkvc2V0dXBfMTQyNTQzNDU4OTQ2My5leGUiO30=  (downloadmicrosoftoffice2010professionalplus2010(32bitdan64bit)fullversionactivator100%working_downlo)

1 / 68      (Adware)
http://sub.lakiet.info/Nc0RkhFtb37686226d6ff7bb132727c3a9b2357940NtTZPYHNIKYToyOntzOjI6InRzIjtpOjE0MjU1ODI1OTY7czoxOiJmIjtzOjcyOiIvaG9tZS93d3cvYXNzZXRzL2JldHRlcl9pbnN0YWxsZXIvaW5zdGFsbGVycy9jbGkvc2V0dXBfMTQyNTU3ODUzNjYyNi5leGUiO30=  (izrjc_s9.exe)

1 / 68      (Adware)
http://sub.lakiet.info/QecUvXdIY6594fc91c268642109dd9cec8f8dfb3f0AuBvW93AZZYToyOntzOjI6InRzIjtpOjE0MjU0NjExMjQ7czoxOiJmIjtzOjcyOiIvaG9tZS93d3cvYXNzZXRzL2JldHRlcl9pbnN0YWxsZXIvaW5zdGFsbGVycy9jbGkvc2V0dXBfMTQyNTQ1OTcyODM4OC5leGUiO30=  (captureit_downloader-qecuvxdiy.exe)

1 / 68      (Adware)
http://sub.lakiet.info/N9LrxRzPA315f977a2943856fe545402032e7c7360HlI8VV7g7KYToyOntzOjI6InRzIjtpOjE0MjU1MjA5MjA7czoxOiJmIjtzOjcyOiIvaG9tZS93d3cvYXNzZXRzL2JldHRlcl9pbnN0YWxsZXIvaW5zdGFsbGVycy9jbGkvc2V0dXBfMTQyNTUxNzMzNjc4Mi5leGUiO30=  (downloadcounterstrikextremev7_downloader-n9lrxrzpa.exe)

1 / 68      (Adware)
http://sub.lakiet.info/Q6EWGV5AZccddb4ff35a8f23da78107154e8d9fc905X4VxRYzh5YToyOntzOjI6InRzIjtpOjE0MjU1MTM4MDI7czoxOiJmIjtzOjcyOiIvaG9tZS93d3cvYXNzZXRzL2JldHRlcl9pbnN0YWxsZXIvaW5zdGFsbGVycy9jbGkvc2V0dXBfMTQyNTUxMzczNjI0NC5leGUiO30=  (download-discografia-completa--a-turma-do-bal--o-m--gico_downloader-q6ewgv5az.exe)

15 / 68    (Adware)
http://sub.lakiet.info/Q7pi4lGsza8a93ff8bff934c66512fe8fbafc113c0OHDvrt2i5FYToyOntzOjI6InRzIjtpOjE0MjUzODM4NDE7czoxOiJmIjtzOjcyOiIvaG9tZS93d3cvYXNzZXRzL2JldHRlcl9pbnN0YWxsZXIvaW5zdGFsbGVycy9jbGkvc2V0dXBfMTQyNTM3NjkyOTMxNS5leGUiO30=  (tuneuputilities2014setupwithserialkey_downloader-q7pi4lgsz.exe)

14 / 68    (Adware)
http://sub.lakiet.info/Q8G3l3DjNda9f1529f644883951f1773c0ef44dcc0wAAWSNX13FYToyOntzOjI6InRzIjtpOjE0MjUzODM5OTk7czoxOiJmIjtzOjcyOiIvaG9tZS93d3cvYXNzZXRzL2JldHRlcl9pbnN0YWxsZXIvaW5zdGFsbGVycy9jbGkvc2V0dXBfMTQyNTM3NjkzNDA0NS5leGUiO30=  (tuneuputilities2014setupwithserialkey_downloader-q8g3l3djn.exe)

13 / 68    (Adware)
http://sub.lakiet.info/Q2CqR67vec66d1aa968a786f272333a6798ebce0e0gvRHgl2vb6YToyOntzOjI6InRzIjtpOjE0MjUzODQxNDY7czoxOiJmIjtzOjcyOiIvaG9tZS93d3cvYXNzZXRzL2JldHRlcl9pbnN0YWxsZXIvaW5zdGFsbGVycy9jbGkvc2V0dXBfMTQyNTM4NDEzMTI5NC5leGUiO30=  (tuneuputilities2014setupwithserialkey_downloader-q2cqr67ve.exe)

11 / 68    (PUP)
http://sub.lakiet.info/N3MAmZdW3f86ac0a4195ab4156e628d2c1fb6e6e70a9J8NZAWsmYToyOntzOjI6InRzIjtpOjE0MjU0NzYyODU7czoxOiJmIjtzOjcyOiIvaG9tZS93d3cvYXNzZXRzL2JldHRlcl9pbnN0YWxsZXIvaW5zdGFsbGVycy9jbGkvc2V0dXBfMTQyNTM4NDIzNDk1My5leGUiO30=  (filedownloaded20successfully_downloader-n3mamzdw3.exe)

13 / 68    (Adware)
http://sub.lakiet.info/NdjQPXW6N99a1a0950cc178ab61832954e9907ea10CbcT8tFpWnYToyOntzOjI6InRzIjtpOjE0MjU0Nzk1NTU7czoxOiJmIjtzOjcyOiIvaG9tZS93d3cvYXNzZXRzL2JldHRlcl9pbnN0YWxsZXIvaW5zdGFsbGVycy9jbGkvc2V0dXBfMTQyNTQ3NzczMDkzMy5leGUiO30=  (wifipasswordcracker4_downloader-ndjqpxw6n.exe)

The following file have been seen to comunicate with sub.lakiet.info in live environments.

TCP » 54.230.18.167:443
browser.exe (Browser)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.