a.boxweb-fun.work
Domain Information
Server location: Oregon, United States (US)
ASN: AS16509 AMAZON-02 - Amazon.com, Inc., US
Root domain: boxweb-fun.work
Analysis
Scanner detections: Malware distribution (100% detected)

Scan engine | Details | Detections
Reason Heuristics | Threat.Win.Reputation.IMP, PUP.Optional.PCUtilities (M) | 90.00%
Dr.Web | Trojan.PWS.Qqpass.11207 | 20.00%
Emsisoft Anti-Malware | Adware.MultiPlug.LW | 20.00%
Norman | Adware.MultiPlug.LW | 20.00%
avast! | Win32:Evo-gen [Susp], Win32:FakeDownload-G [PUP] | 20.00%
Lavasoft Ad-Aware | Adware.MultiPlug.LW | 10.00%
F-Secure | Adware.MultiPlug.LW | 10.00%
ESET NOD32 | Win32/Adware.MultiPlug.MI application | 10.00%
MicroWorld eScan | Adware.MultiPlug.LW | 10.00%
nProtect | Adware.MultiPlug.LW | 10.00%
McAfee | Multiplug-FAD | 10.00%
Zillya! Antivirus | Adware.MultiPlugGen.Win32.3 | 10.00%
K7 AntiVirus | Adware | 10.00%
Agnitum Outpost | PUA.MultiPlug | 10.00%
Bitdefender | Adware.MultiPlug.LW | 10.00%
IP Addresses
The domain a.boxweb-fun.work has been seen to resolve to the following 8 IP addresses.
Downloads
File downloads found at URLs served by a.boxweb-fun.work.
Network Communications
The following 9 files have been seen to communicate with a.boxweb-fun.work in live environments.