Server location: Washington, United States (US)
ASN: AS16509 AMAZON-02 - Amazon.com, Inc.,US
Scanner detections: Malware distribution (74% detected)
Scan engine | Details | Detections
ESET NOD32 | Win32/InstallCore.AFN.gen potentially unwanted application, Win32/InstallCore.ACY.gen potentially unwanted application, Win32/InstallCore.AFY potentially unwanted application, Win32/Sality.NBA virus | 77.78%
avast! | Win32:Malware-gen, Win32:Sality, Win32:SaliCode, Win32:VB-OJQ [Wrm], Win32:Kukacka, Win32:Agent-AODJ [Trj] | 72.22%
F-Prot | W32/Sality.gen2, W32/VB.AD.gen, W32/Heuristic-CO3!Eldorado (not disinfectable) | 66.67%
Dr.Web | Trojan.InstallCore.1681, Trojan.InstallCore.978, Win32.Sector.30, Trojan.Siggen6.54687 | 61.11%
McAfee | Artemis!0FD3D2207301, Artemis!0756591F5975, Artemis!57C8EDE2C92A, Trojan.Artemis!0FD3D2207301, Trojan.RDN/Generic Downloader.x | 61.11%
Microsoft Security Essentials | Threat.Undefined | 61.11%
Kaspersky | Virus.Win32.Sality, Trojan.Win32.Swisyn | 55.56%
Norman | Win32.Sality.3 | 50.00%
Emsisoft Anti-Malware | Trojan.Generic.6753864, Win32.Sality | 38.89%
Reason Heuristics | PUP.installCore (M), Adware.Bundler (M) | 33.33%
VIPRE Antivirus | Threat.4150696, Trojan.Win32.Generic, Threat.4721115, Threat.4763461, Threat.4775899 | 33.33%
F-Secure | Win32.Sality.3, Trojan.Generic.6753864 | 27.78%
Rising Antivirus | PE:Malware.Generic/QRS!1.9E2D [F], PE:Malware.Generic(Thunder)!1.A1C4 [F] | 22.22%
AhnLab V3 Security | PUP/Win32.Downloader | 16.67%
The domain www.ranchbundleshead.com has been seen to resolve to the following 91 IP addresses.
File downloads found at URLs served by www.ranchbundleshead.com.
The following 76 files have been seen to communicate with www.ranchbundleshead.com in live environments.