home

www.softwareupdateallversionsdriversandsettings.com

melina briceno

Domain Information

The domain www.softwareupdateallversionsdriversandsettings.com registered by melina briceno was initially registered in November of 2015 through GODADDY.COM, LLC. Currently this domain has been known to host various forms of malware. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Saturday, November 7, 2015

Expires date:
Monday, November 7, 2016

Updated date:
Tuesday, December 8, 2015

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC

Root domain:
softwareupdateallversionsdriversandsettings.com

Whois:
1 softwareupdateallversionsdriversandsettings.com record

Scanner detections:
Malware distribution  (100% detected)

Scan engine
Details
Detections

Kaspersky
Backdoor.Win32.Farfli, Trojan.Win32.Autoit
100.00%

Emsisoft Anti-Malware
Trojan.GenericKD.3014460, Trojan.GenericKD.2992310, Trojan.GenericKD.2997614
100.00%

Microsoft Security Essentials
Backdoor:Win32/Bergat.A, Threat.Undefined
100.00%

ESET NOD32
Win32/Injector.Autoit.CAF trojan
66.67%

Norman
Trojan.GenericKD.2992310, Trojan.GenericKD.2997614
66.67%

Bkav FE
W32.HfsAtITPSINF
33.33%

MicroWorld eScan
Trojan.GenericKD.3014460
33.33%

nProtect
Trojan.GenericKD.3014460
33.33%

Quick Heal
TrojanPWS.AutoIt.Zbot.F
33.33%

McAfee
Artemis!B37ED34B6C12
33.33%

Malwarebytes
Trojan.Injector.AutoIt
33.33%

K7 AntiVirus
Riskware
33.33%

Arcabit
Trojan.Generic.D2DFF3C
33.33%

ESET NOD32
Win32/Injector.Autoit.CAZ (variant)
33.33%

avast!
Win32:Malware-gen
33.33%

The domain www.softwareupdateallversionsdriversandsettings.com has been seen to resolve to the following IP address.

50.63.202.61
ip-50-63-202-61.ip.secureserver.net
August 26, 2016

File downloads found at URLs served by www.softwareupdateallversionsdriversandsettings.com.

6 / 68      (Malware)
http://www.softwareupdateallversionsdriversandsettings.com/0fficekeyupdate00.exe  (df06e62e5599afefc40b09ce948d707a)

6 / 68      (Malware)
http://www.softwareupdateallversionsdriversandsettings.com/javatempsettings10.exe  (6429c6867402df4e4598c1ff31e4bee9)

28 / 68    (Malware)
http://www.softwareupdateallversionsdriversandsettings.com/ad0vef1ashplay3r.exe  (b37ed34b6c1246f261d9e74674643a78)

The following 64 files have been seen to comunicate with www.softwareupdateallversionsdriversandsettings.com in live environments.

TCP » 50.63.202.61:80
googleupdate.exe13d7b73 (globalUpdate Update by globalUpdate)

TCP » 50.63.202.61:80
75f7b4c4-185e-480b-938c-ce312e4a0a79-5.exe (iWebar by Webby)

TCP » 50.63.202.61:80
9345bae9-73a7-4f39-88aa-c3295fb5be4a-1-7.exe (enterprise 1.1 by Marketi)

TCP » 50.63.202.61:80
9d20d7b1-aa67-46c4-b0ce-8fba22c3e101-1-7.exe (CinemaP-1.8cV17.02 by Cinema PlusV17.02)

TCP » 50.63.202.61:80
ftdownloader v4.0-bg.exe (FTdownloader V4.0 by installdaddy)

TCP » 50.63.202.61:80
209c5014-1086-45c0-8f72-064ed431e84e-5.exe (Cinema Video 1.8V21.02 by Cinema VideoV21.02)

TCP » 50.63.202.61:80
eace78ea-f050-4b94-b6b3-fb9f1bbdedbe-1-7.exe (HQCinema Pro 2.1V18.02 by HQ CinemaV18.02)

TCP » 50.63.202.61:80
209c5014-1086-45c0-8f72-064ed431e84e-7.exe (Cinema Video 1.8V21.02 by Cinema VideoV21.02)

TCP » 50.63.202.61:80
14461aef-68e4-4032-ae9b-7721305a6ad5-1-7.exe (SavePass 1.1 by OB)

TCP » 50.63.202.61:80
2316a295-f6e0-4244-b2c5-be00ea8462e8-7.exe (GoHD by InstallMoon)

TCP » 50.63.202.61:80
2caa1bb6-c9da-4405-96f8-1ac17aee8b45-5.exe (CinemaP-1.8cV21.02 by Cinema PlusV21.02)

TCP » 50.63.202.61:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.63.202.61:80
online-guardian-v2.0.9.exe

TCP » 50.63.202.61:80
ecccc5c8-6acd-4d22-b47d-a99949d0dc28-10.exe (I - Cinema by iCinema)

TCP » 50.63.202.61:80
ecccc5c8-6acd-4d22-b47d-a99949d0dc28-4.exe (I - Cinema by iCinema)

TCP » 50.63.202.61:80
a5719f02-6eb1-4ac6-a38b-3cb3fd43a38d-5.exe (winservice86 by Corporate Inc)

TCP » 50.63.202.61:80
bafb648d-9f78-43bb-b231-20f8a5288d08-1-7.exe (iWebar by Webby)

TCP » 50.63.202.61:80
5f7f0629-2a6b-49b1-bd91-e37d0c5bf78d-1-7.exe (GoHD by InstallMoon)

TCP » 50.63.202.61:80
47e26a51-313e-4f6e-bfba-76003377a4c5-1-7.exe (I - Cinema by DiscountFrenzy)

TCP » 50.63.202.61:80
5f7f0629-2a6b-49b1-bd91-e37d0c5bf78d-5.exe (GoHD by InstallMoon)

 
Latest 20 of 64 files

URL:
http://www.softwareupdateallversionsdriversandsettings.com/

Web server:
Microsoft-IIS/7.5 (ASP.NET) (Version: 4.0.30319)

0114app.info

0121g.info

0122b.info

0125d.info

buremery.com

ddl1001.info

downloadnet.org

downloadtorch.com

ifreedownloadss.com

keyprobox.com

luckready.com

m-mobogenie.co

madinaplus.me

micloud.solutions

oatcard.com

online2videopctools.com

papyon.co

postsabai.info

renaissancerun.info

rowcard.com

seemsready.com

softohqimjjedf0jq.net

tinyboxarcade.com

top-arama.com

topfiles.me

warehomepage.info

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.