The domain www.exeupp.com is registered by proxy through GODADDY.COM, LLC and was originally registered in May of 2015. This domain is known to host various forms of malware. Its servers are located in Toronto, Ontario, Canada, on the Softcom Technology Consulting Inc. network.
Registrant:
Domains By Proxy, LLC
Registrar:
GODADDY.COM, LLC
Server location:
Ontario, Canada (CA)
Create date:
Monday, May 18, 2015
Expires date:
Wednesday, May 18, 2016
Updated date:
Monday, February 1, 2016
ASN:
AS14166 SOFTCOMCA - Softcom Technology Consulting Inc.,CA
Google Safe Browsing:
malware,unwanted
Scanner detections:
Malware distribution (70% detected)
| Scan engine | Details | Detections |
| --- | --- | --- |
| avast! | Win32:Malware-gen, AutoIt:MalOb-HW [Trj], MSIL:Bladabindi-JK [Trj], MSIL:GenMalicious-E [Trj] | 55.88% |
| ESET NOD32 | MSIL/Kryptik.DYD (variant), Win32/Injector.Autoit.BXJ (variant), Win32/Kasidet.AB, Win32/Neurevt, MSIL/Kryptik.DTU (variant) | 52.94% |
| Kaspersky | HEUR:Trojan.Win32.Generic, Trojan.Win32.Inject, Trojan.Win32.SelfDel, Trojan-Dropper.Win32.Autoit, Trojan.MSIL.Zapchast | 52.94% |
| Microsoft Security Essentials | Backdoor:MSIL/Bladabindi!rfn, Trojan:Win32/Neurevt.AB, VirTool:Win32/AutInject.BQ, Threat.Undefined, Trojan:Win32/Skeeyah.A!rfn | 52.94% |
| McAfee | Artemis!313EC2F9A29E, Artemis!DCB8F87B1157, RDN/Generic.dx!d2l, Trojan.Artemis!AA79DEFDF77E, RDN/Generic BackDoor, Artemis!68E7E4C4B72E | 50.00% |
| Avira AntiVirus | TR/Dropper.MSIL.221727, TR/Agent.1059328.22, TR/AD.Kasidet.Y.88, DR/Autoit.A.9746, TR/Krypt.165376.22, TR/Krypt.48640.22 | 50.00% |
| Fortinet FortiGate | MSIL/Kryptik.DYD!tr, W32/Inject.VKRZ!tr, W32/SelfDel.AB!tr, MSIL/Agent.BEL!tr.dldr, W32/Autoit.BQG!tr, MSIL/Kryptik.DTU!tr | 47.06% |
| K7 AntiVirus | Trojan, Trojan-Downloader | 44.12% |
| Baidu Antivirus | Adware.MSIL.iBryte, Trojan.Win32.Injector, Trojan.Win32.Dropper, Trojan.MSIL.Bladabindi, Trojan.MSIL.Agent | 44.12% |
| VIPRE Antivirus | Trojan.Win32.Generic, Threat.5087811, Threat.4150696, Backdoor.MSIL.Bladabindi.a | 41.18% |
| AVG | Atros2, Autoit, Autoit_c, MSIL9, Delf, Win32/Hedo, Downloader.MSIL | 41.18% |
| ESET NOD32 | MSIL/TrojanDownloader.Agent.AOV trojan, MSIL/TrojanDownloader.Small.AEY trojan, MSIL/Kryptik.ECM trojan, MSIL/Kryptik.EWR trojan, MSIL/TrojanDropper.Agent.CJO trojan, MSIL/Kryptik.CLF trojan, MSIL/Kryptik.FRJ trojan, MSIL/TrojanDownloader.Small.AHH trojan, MSIL/Injector.CMQ trojan, MSIL/TrojanDownloader.Tiny.LU trojan | 41.18% |
| Sophos | Mal/Generic-S, Troj/AutoIt-BBC, Troj/DotNet-P | 38.24% |
| IKARUS anti.virus | Trojan.MSIL.Crypt, Trojan.Win32.Injector, Trojan.MSIL.Bladabindi, Trojan-Downloader.MSIL.Agent | 38.24% |
| Panda Antivirus | Generic Suspicious, Trj/Autoit.MC, Trj/CI.A, Trj/GdSda.A, Generic Malware | 38.24% |
The domain www.exeupp.com has been seen to resolve to the following IP address.
vps-1171693-24206.manage.myhosting.com
February 28, 2016
File downloads found at URLs served by www.exeupp.com.
Latest 30 of 70 download URLs
URL:
http://www.exeupp.com/
Google Analytics:
UA-71094201
Title:
“Upload Files - Direct EXE UPLOAD”
Description:
“Upload, share, track, manage your files in one simple to use file host.”
SSL certificate subject:
CN=www.exeupp.com, OU=PositiveSSL, OU=Domain Control Validated
SSL certificate issuer:
CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB
Web server:
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (PHP/5.3.29)
Facebook:
Likes: 2
Shares: 11
Comments: 20
Statistics are for the previous month.