» a.instancetide-all.xyz
Overview
Analysis
IPs Addresses (4)
Downloads (1)
Network (2)

a.instancetide-all.xyz

Domain Information

Server location:

Oregon, United States (US)

ASN:

AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:

instancetide-all.xyz

Scanner detections:

Malware distribution (100% detected)

Scan engine

Details

Detections

Reason Heuristics

Threat.Win.Reputation.IMP

100.00%

The domain a.instancetide-all.xyz has been seen to resolve to the following 4 IP addresses.

ec2-52-27-128-62.us-west-2.compute.amazonaws.com

July 2, 2015

ec2-52-27-128-59.us-west-2.compute.amazonaws.com

July 2, 2015

ec2-52-27-128-56.us-west-2.compute.amazonaws.com

July 2, 2015

ec2-52-11-167-137.us-west-2.compute.amazonaws.com

July 2, 2015

File downloads found at URLs served by a.instancetide-all.xyz.

1 / 68 (Malware)

http://a.instancetide-all.xyz/hp/?q=elBQcpndkeZuefABCDN7oBCA/rfDej7cRK 3AuFNdm6tziBvtTEI7wJ6DYUEv5EVYe0NreXzN5ySV7Nq6LDbBmt39NVOqMmxWh0NlWFkawE2/Rng3nfgG1ZzxPtzy8IhaeSxmOUM/npygBos0v5RLZzb48vVi9utOatFT/tpkb2OqAh/QcQGesVGTAhzhC 3z fbwgRaWC3aHbekhhkxqKK/.../luoS0oGOGvib3wZVTzXMUqbs9IuRmIHSSPTEQbvy1a2HroafDhRYLQq7N HTZ6IM1OE3a1LCzrtyTFCJ3d7K8yGwjr8EkjiHZ8sWDMSXRVsbUr8JccrTDoEXYKVzkm8pa1QdtPqPc2 gZtpHDCdmAM4E7WR9jJZGboZ 3QjqdGTIXaw337Brn 4 tNxgV5aI63Kr8x1dAU&external_id=1435566631443891202 (key easeus data recovery wizard 8.8.rar.exe)

The following 2 files have been seen to comunicate with a.instancetide-all.xyz in live environments.

TCP » 52.11.167.137:80

TCP » 52.27.128.56:80

TCP » 52.27.128.59:80

TCP » 52.27.128.62:80

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.