» www.icq-tools.de
Overview
Analysis
IPs Addresses (2)
Downloads (1)
Network (8)
Related Domains (3)

www.icq-tools.de

Domain Information

Server location:

Bayern, Germany (DE)

ASN:

AS24940 HETZNER-AS Hetzner Online AG

Root domain:

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Chip.Bundler (M)

100.00%

The domain www.icq-tools.de has been seen to resolve to the following 2 IP addresses.

www2.thinklabs-cluster.de

November 10, 2014

www1.thinklabs-cluster.de

November 10, 2014

File downloads found at URLs served by www.icq-tools.de.

1 / 68 (PUP)

http://www.icq-tools.de/.../29&name=ICQ Status Checker 1.9 Setup.exe&CoName=icq_tools:29&p1=687474703a2f2f6963712d746f6f6c732e64652f64617461626173652f546f6f6c732f32392f4943512053746174757320436865636b657220312e392053657475702e657865&p2=4943512053746174757320436865636b657220312e39205365747570&p3=4469657365204b6f6d706f6e656e746520656e7468e46c742064617320546f6f6c20224943512053746174757320436865636b6572222066fc72206465696e206963712e&p4=4943512053746174757320436865636b657220312e39205365747570&p5=4465696e20546f6f6c20766f6e206963712d746f6f6c732e64652e&p6=4943512053746174757320436865636b657220312e392053657475702e657865 (beb4d6a1ec92b2035878eeb05168ae78)

The following 8 files have been seen to comunicate with www.icq-tools.de in live environments.

TCP » 88.198.27.201:80

ocs_v71a.exe (OCS)

TCP » 46.4.173.131:80

ocs_v71a.exe (OCS)

TCP » 46.4.173.131:80

ocs_v71b.exe (OCS)

TCP » 88.198.27.201:80

ocs_v71b.exe (OCS)

TCP » 46.4.173.131:80

ocs_v71b.exe (OCS)

TCP » 46.4.173.131:80

CyberGhost.exe (CyberGhost VPN 5 by CyberGhost S.R.L)

TCP » 46.4.173.131:80

sysTPLService.exe (sysTPLService by Tlapia)

TCP » 46.4.173.131:80

ocs_v71b.exe (OCS)

TCP » 46.4.173.131:80

ocs_v71b.exe (OCS)

TCP » 88.198.27.201:80

sysTPLService.exe (sysTPLService by Tlapia)

TCP » 88.198.27.201:80

ocs_v71b.exe (OCS)

TCP » 88.198.27.201:80

ocs_v71b.exe (OCS)

TCP » 88.198.27.201:80

ocs_v71b.exe (OCS)

TCP » 88.198.27.201:80

ocs_v71b.exe (OCS)

Related Domains

download-sponsor.de

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.