home

www.sciagnij.pl

Domain Information

Server location:
Mazowieckie, Poland (PL)

ASN:
AS8535 AGORA Agora TC Sp.z.o.o.,PL

Root domain:
sciagnij.pl

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Agora.SciagNij (L), PUP.Agora.SciagNij.Meta (L), Threat.Win.Reputation.IMP, PUP.Agora.SciagNij.Bundler.Meta (M), Adware.Downloader.AGORASA.Meta (M), Adware.Downloader (M)
96.00%

ESET NOD32
Win32/Sciagnij.A potentially unwanted application
4.00%

Clam AntiVirus
Win.Trojan.Kazy-1425
2.00%

F-Prot
W32/A-50f321ee
2.00%

Avira AntiVirus
TR/Kazy.onbeubbi
2.00%

Bkav FE
W32.HfsPikanver
2.00%

The domain www.sciagnij.pl has been seen to resolve to the following IP address.

80.252.0.132
poczta.gazeta.pl
June 22, 2014

File downloads found at URLs served by www.sciagnij.pl.

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=315589  (the_sims_2_-_demo_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=317943  (bioshock_spolszczenie_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=10976  (icon_converter_plus_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=10565  (system_closer_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=315151  (medieval_ii-_kingdoms_spolszczenie_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=16630  (hp_support_assistant_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=7716  (adobe_indesign_sciagnij.pl.exe)

1 / 68      (inconclusive)
http://www.sciagnij.pl/.../install.servlet?id=313737  (pc_navigator_free_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=11921  (s7raw_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=315603  (titan_quest_–_spolszczenie_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=320100  (arcania-_gothic_4_patch_#4_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=11113  (pt_boats-_knights_of_the_sea_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=13821  (jpg_to_pdf_converter_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=13716  (martik_usb_disk_formatter_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=539  (microsoft_office_visio_professional_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=319072  (planet_horse_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=626  (bolek_i_lolek_-_olimpiada_letnia_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=321319  (nba_2k14_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=318128  (the_godfather_spolszczenie_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=5185  (burnaware_free_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=317566  (dave_mirra_freestyle_bmx_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=315128  (lego_star_wars_spolszczenie_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=5986  (microsoft_outlook_2007_junk_email_filter_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=312541  (team_fortress_2_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=317479  (original_war_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=11230  (bank_smaków_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=308959  (modiac_mp3_to_avi_converter_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=9286  (sim_card_seizure_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=322408  (ds4windows_(ds4_tool)_sciagnij.pl.exe)

1 / 68      (PUP)
http://www.sciagnij.pl/.../install.servlet?id=315294&systemId=21  (silent_hill_5-_homecoming_spolszczenie_sciagnij.pl.exe)

 
Latest 30 of 728 download URLs

The following 4 files have been seen to comunicate with www.sciagnij.pl in live environments.

TCP » 80.252.0.132:80
beamrise.exe (Beamrise by The Beamrise Authors)

TCP » 80.252.0.132:80
produpd.exe (produpd.exe by Vested Development, Inc)

TCP » 80.252.0.132:80
internetenhancer.exe (Internet Enhancer)

TCP » 80.252.0.132:80
produpd.exe (produpd.exe by Vested Development, Inc)

alert24.pl

autotrader.pl

edulandia.pl

esciagnij.pl

gamecorner.pl

gazetapraca.pl

moto.pl

sciagnij-24.pl

sciagnij-online.pl

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.