b.softologic.com

Softango Technology LLC  (via a Proxy Registrant)

Domain Information

The domain b.softologic.com is registered by proxy through Moniker Online Services and was originally registered in June of 2011. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform. The domain is associated with the publisher Softango Technology LLC who is located in Beaverton, Oregon in the United States.
Remove Malware from b.softologic.com - Powered by Reason Core Security
Registrar:
Moniker Online Services

Server location:
Virginia, United States (US)

Create date:
Thursday, June 30, 2011

Expires date:
Thursday, June 30, 2016

Updated date:
Tuesday, December 22, 2015

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Win.Reputation, PUP.Installer.Performersoft.T, PUP.Performersoft.Bundler (M)
100.00%

F-Prot
W32/IBrain.D.gen
100.00%

avast!
Win32:Malware-gen, Win32:InstallBrain-BC [PUP], Win32:PUP-gen [PUP]
100.00%

Kaspersky
not-a-virus:HEUR:AdWare.Win32.BrainInst, not-a-virus:AdWare.Win32.BrainInst
100.00%

Commtouch SDK
W32/IBrain.D.gen!Eldorado
100.00%

Fortinet FortiGate
Adware/InstallBrain.OP
100.00%

Bkav FE
W32.Clodb8d.Trojan
100.00%

The Hacker
Adware/Downware
100.00%

Trend Micro House Call
TROJ_GEN.F47V1122
100.00%

AegisLab AV Signature
ADWARE-InstallBrain.Gen
100.00%

Total Defense
Win32/Tnega.BRRKCQ
100.00%

nProtect
Trojan-Clicker/W32.BrainInst.676192
100.00%

AhnLab V3 Security
Trojan/Win32.Brantall, Adware/Win32.BrainInst
100.00%

MicroWorld eScan
Application.Bundler.InstallBrain.A
100.00%

CMC Antivirus
AdWare.Win32.BrainInst!O
100.00%

The domain b.softologic.com has been seen to resolve to the following 6 IP addresses.

ec2-52-70-175-181.compute-1.amazonaws.com
February 13, 2016

ec2-54-235-159-97.compute-1.amazonaws.com
January 6, 2016

50.97.37.140-static.reverse.softlayer.com
December 26, 2013

50.22.188.88-static.reverse.softlayer.com
December 26, 2013

December 26, 2013

December 26, 2013

File downloads found at URLs served by b.softologic.com.

The following 7 files have been seen to comunicate with b.softologic.com in live environments.

URL:
http://b.softologic.com/

Title:
“Non-Existent Domain”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx/1.8.0 (PHP/5.3.29)

Remove Malware from b.softologic.com - Powered by Reason Core Security