» www.poolsharks.com
Overview
Analysis
IPs Addresses (1)
Downloads (1)
Network (28)

www.poolsharks.com

Domain Information

Server location:

Florida, United States (US)

ASN:

AS32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Prolexic Technologies, Inc.,US

Root domain:

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Sanlis.T

100.00%

The domain www.poolsharks.com has been seen to resolve to the following IP address.

unknown.prolexic.com

May 3, 2015

File downloads found at URLs served by www.poolsharks.com.

1 / 68 (PUP)

http://www.poolsharks.com/PoolSharksinstaller.exe (fcb0e1ce1a28e708ae3b449ab2d78fd1)

The following 28 files have been seen to comunicate with www.poolsharks.com in live environments.

TCP » 72.52.4.119:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 72.52.4.119:80

TBNotifier.exe (Ask TBNotifier by APN)

TCP » 72.52.4.119:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 72.52.4.119:80

ContentFinder.exe (ContentFinder by ContentFinder Software)

TCP » 72.52.4.119:80

online-guardian-v2.0.9.exe

TCP » 72.52.4.119:80

TCP » 72.52.4.119:80

uran.exe (Uran by uCoz Media and Chromium Authors)

TCP » 72.52.4.119:80

autorun.exe (SoftFullDownload.blogspot.com)

TCP » 72.52.4.119:80

hbpzabffmyx.exe

TCP » 72.52.4.119:80

cpx.exe (Google Embedded Application)

TCP » 72.52.4.119:80

TCP » 72.52.4.119:80

TCP » 72.52.4.119:25

TCP » 72.52.4.119:25

TCP » 72.52.4.119:80

TCP » 72.52.4.119:80

TCP » 72.52.4.119:80

websiterecommendation_2_2.crx

TCP » 72.52.4.119:80

fanaticoonline.crx

TCP » 72.52.4.119:25

tiddiszagtor.exe (Faster Aids Manager by XIGMATEK)

TCP » 72.52.4.119:326

Latest 20 of 33 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.