action.aybank.net

NameFind LLC

Domain Information

The domain action.aybank.net registered by NameFind LLC was initially registered in June of 2011 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Sunday, June 12, 2011

Expires date:
Sunday, June 12, 2016

Updated date:
Thursday, April 07, 2016

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.AppsInstallerSL.L, PUP.Installer.AppsInstallerSL.Q, PUP.Installer.Firseria.Q, PUP.Installer.Solimba, PUP.Solimba.AppsInstaller.Installer (M), Adware.Solimba.AppsInstaller.Installer (M), PUP.Solimba.Firseria.Bundler (M), Adware.Solimba.AppsInst.Bundler (M), PUP.Solimba.AppsInst.Bundler (M), PUP.Solimba (M)
100.00%

Malwarebytes
PUP.Optional.AppsInstaller, PUP.Optional.Firseria, PUP.Optional.PortalProgramas
39.13%

K7 AntiVirus
Trojan , Unwanted-Program
39.13%

Dr.Web
Adware.Downware.2488, Adware.Downware.3569, Adware.Downware.4802, Adware.Downware.4436, Trojan.DownLoader11.12561
39.13%

VIPRE Antivirus
DownloadMR, Threat.4150696, Threat.4782980, Trojan.Win32.Generic
39.13%

Avira AntiVirus
APPL/Firseria.A.12, APPL/Firseria.A.25, APPL/Bundler.Firseria.3, APPL/Downloader.Gen8, APPL/Bundler.Firseria.A.1, Adware/NSIS.Agent.bk
39.13%

G Data
Win32.Application.Morstar, Application.Bundler.Firseria, Gen:Variant.Application.Bundler.Firseria, Gen:Variant.Adware.Kazy.454673
39.13%

Vba32 AntiVirus
Downware.Morstar
39.13%

Agnitum Outpost
PUA.Firseria, PUA.Downware, PUA.Fiseria
39.13%

AVG
BundleApp, Adware BundleApp.DD, Solimba, Adware BundleApp.EP, Adware BundleApp.BZ
39.13%

K7 Gateway Antivirus
Trojan , Unwanted-Program
34.78%

Sophos
Solimba Installer, PUA 'Solimba Installer'
34.78%

avast!
Win32:Installer-AR [PUP], Win32:Adware-BQN [Trj], Win32:Firseria-C [PUP]
34.78%

Panda Antivirus
Trj/Genetic.gen, PUP/MultiToolbar.A, Generic Suspicious
34.78%

Comodo Security
Application.Win32.Firseria.EA, Application.Win32.Firseria.CJL, Application.Win32.Firseria.AAFX, Application.Win32.Firseria.AY
30.43%

The domain action.aybank.net has been seen to resolve to the following 3 IP addresses.

April 9, 2016

October 12, 2015

p3nlhg362c1362.shr.prod.phx3.secureserver.net
April 11, 2014

File downloads found at URLs served by action.aybank.net.

1 / 68      (Adware)
http://action.aybank.net/  (flv_media_player.exe)

1 / 68      (Adware)
http://action.aybank.net/  (flv_media_player.exe)

1 / 68      (Adware)
http://action.aybank.net/  (flv_media_player.exe)

1 / 68      (Adware)
http://action.aybank.net/  (flv_media_player.exe)

1 / 68      (Adware)
http://action.aybank.net/  (avs_media_player.exe)

1 / 68      (Adware)
http://action.aybank.net/  (flv_media_player.exe)

1 / 68      (Adware)
http://action.aybank.net/  (flv_media_player.exe)

1 / 68      (Adware)
http://action.aybank.net/  (flv_media_player.exe)

1 / 68      (Adware)
http://action.aybank.net/  (flv_media_player.exe)

1 / 68      (Adware)
http://action.aybank.net/  (flv_media_player.exe)

1 / 68      (Adware)
http://action.aybank.net/  (flv_media_player.exe)

1 / 68      (Adware)
http://action.aybank.net/  (flv_media_player.exe)

1 / 68      (Adware)
http://action.aybank.net/  (flv_media_player.exe)

1 / 68      (Adware)
http://action.aybank.net/  (flv_media_player.exe)

26 / 68    (Adware)
http://action.aybank.net/  (flv_media_player.exe)

33 / 68    (Adware)
http://action.aybank.net/  (flv_media_player.exe)

37 / 68    (Adware)
http://action.aybank.net/  (flv_media_player.exe)

33 / 68    (Adware)
http://action.aybank.net/  (flv_media_player.exe)

32 / 68    (Adware)
http://action.aybank.net/  (flv_media_player.exe)

36 / 68    (Adware)
http://action.aybank.net/  (flv_media_player.exe)

21 / 68    (Adware)
http://action.aybank.net/  (flv_media_player.exe)

23 / 68    (Adware)
http://action.aybank.net/  (flv_media_player.exe)

21 / 68    (Adware)
http://action.aybank.net/  (i2installer.exe)

The following 8 files have been seen to comunicate with action.aybank.net in live environments.

URL:
http://action.aybank.net/

Title:
“aybank.net”

Web server:
Apache