a.discountstar.xyz
Domain Information
Server location: Oregon, United States (US)
ASN: AS16509 AMAZON-02 - Amazon.com, Inc.,US
Root domain: discountstar.xyz
Analysis
Scanner detections: Malware distribution (100% detected)
Scan engine: Reason Heuristics
Details: PUP.Optional.PCUtilities.Task.Meta (M), Threat.Win.Reputation.IMP
Detections: 100.00%
IP Addresses
The domain a.discountstar.xyz has been seen to resolve to the following 5 IP addresses.
52.27.128.56 (ec2-52-27-128-56.us-west-2.compute.amazonaws.com), November 25, 2015
52.27.128.62 (ec2-52-27-128-62.us-west-2.compute.amazonaws.com), November 25, 2015
52.27.128.59 (ec2-52-27-128-59.us-west-2.compute.amazonaws.com), November 25, 2015
52.27.23.115 (ec2-52-27-23-115.us-west-2.compute.amazonaws.com), July 1, 2015
52.11.167.137 (ec2-52-11-167-137.us-west-2.compute.amazonaws.com), July 1, 2015
Downloads
File downloads found at URLs served by a.discountstar.xyz.
1 / 68 (Malware)
(download.exe)
1 / 68 (Malware)
(exodus.gods.and.kings.2014.hdrip.xvid.ac3-juggs[etrg].exe)
1 / 68 (Malware)
(exodus.gods.and.kings.2014.hdrip.xvid.ac3-juggs[etrg].exe)
1 / 68 (Malware)
(exodus.gods.and.kings.2014.hdrip.xvid.ac3-juggs[etrg].exe)
1 / 68 (PUP)
(download.exe)
Network Communications
The following 2 files have been seen to communicate with a.discountstar.xyz in live environments.
TCP » 52.11.167.137:80 download.exe
TCP » 52.27.128.56:80 updating.exe
TCP » 52.27.128.59:80 download.exe
TCP » 52.27.128.62:80 updating.exe