» www.febwedne.com
Overview
Analysis
IPs Addresses (1)
Downloads (6)

www.febwedne.com

Domain Information

Server location:

Oregon, United States (US)

ASN:

AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:

febwedne.com

Scanner detections:

Malware distribution (100% detected)

Scan engine

Details

Detections

F-Prot

W32/Parite.B, W32/Sality.gen2, W32/Ramnit.E

83.33%

Dr.Web

Win32.Parite.2, Win32.Sector.30, Trojan.Inject1.28681, Win32.Sector.22

83.33%

Microsoft Security Essentials

Threat.Undefined

83.33%

avast!

Win32:Parite, Win32:Kukacka, Win32:RmnDrp, Win32:SaliCode

83.33%

McAfee

Virus.W32/Pate.b, Virus.W32/Sality.gen.z, Virus.W32/Gnamer

83.33%

ESET NOD32

Win32/Parite.B virus, Win32/Sality.NBA virus, Win32/Ramnit.H virus

83.33%

Kaspersky

Virus.Win32.Parite, Virus.Win32.Sality, Virus.Win32.Nimnul

83.33%

Norman

Win32.Parite.B, Win32.Sality.3, Worm.Generic.377772

83.33%

F-Secure

Win32.Parite.B, Worm.Generic.377772, Win32.Sality.3

66.67%

Emsisoft Anti-Malware

Win32.Parite, Worm.Generic.377772, Win32.Sality

50.00%

AVG

Win32/Parite, Win32/Sality

50.00%

Reason Heuristics

Adware.Bundler (M)

16.67%

Sophos

Virus 'W32/Ramnit-A'

16.67%

VIPRE Antivirus

Threat.4721115

16.67%

The domain www.febwedne.com has been seen to resolve to the following IP address.

52.35.105.138

ec2-52-35-105-138.us-west-2.compute.amazonaws.com

April 12, 2016

File downloads found at URLs served by www.febwedne.com.

11 / 68 (Infected)

http://www.febwedne.com/.../installer.exe (69a48b8507ce18a416ad5c16e9183866)

10 / 68 (Infected)

http://www.febwedne.com/.../installer.exe (a67591295c10cfd6f2e920ea3339f9aa)

9 / 68 (Infected)

http://www.febwedne.com/.../installer.exe (bdfb79057ac7b0b41169177c1bc9995a)

11 / 68 (Malware)

http://www.febwedne.com/.../installer.exe (1eff1ce70c0b76eba4bb93b5d7f7a0ad)

1 / 68 (PUP)

http://www.febwedne.com/.../installer.exe (fac42e40306bb909005dc1afe14cd67d)

11 / 68 (Infected)

http://www.febwedne.com/.../installer.exe (49e8584374c477ff9c112da2711c9f44)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.