home

cdn2.chironexfleckerisilver.com

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain cdn2.chironexfleckerisilver.com is registered by proxy through ENOM, INC. and was originally registered in February of 2015. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Amsterdam, Ohio within the United States which resides on the RIPE Network Coordination Centre network.
Registrar:
ENOM, INC.

Server location:
Ohio, United States (US)

Create date:
Friday, February 27, 2015

Expires date:
Monday, February 27, 2017

Updated date:
Thursday, January 28, 2016

ASN:
AS60068 CDN77 Datacamp Limited,GB

Root domain:
chironexfleckerisilver.com

Whois:
2 chironexfleckerisilver.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.PCBackupSoftwareLimited.H, PUP.Optional.SmartPCSolutions.H, PUP.Optional.SmartPCSolutions.S, PUP.CompuClever.Installer.Meta (L), PUP.SafeBytes.Optional.Installer.Meta (L), Threat.Air Software.Bundler, PUP.PC Utilities.PCUtilities
88.89%

AVG
Generic, Smartpcso, Win.Threat.High, Potentially harmful program Downloader.EQH
72.22%

Dr.Web
Threat.Undefined, Trojan.OutBrowse.138, riskware program Program.Unwanted.295, Trojan.Vittalia.30, Program.Unwanted.519
66.67%

avast!
Win32:OptimizerPro-A [PUP], PUP-gen [PUP], OptimizerPro-G [PUP], Win32:Dropper-gen [Drp], Win32:OptimizerPro-G [PUP], Adware-CKC [PUP]
66.67%

Kaspersky
Trojan-FakeAV.Win32.Agent, Trojan.Win32.Inject, Hoax.Win32.ArchSMS, Trojan-Downloader.Win32.Genome
61.11%

VIPRE Antivirus
Threat.5068139, Threat.4150696, Threat.4893613, Trojan.Win32.Generic, OptimizerPro, Threat.4782985
61.11%

McAfee
Artemis!19C996592ADE, Artemis!83104CC0EBA4, Artemis!4CFD8AF2562F, Artemis!C162B81B419D, Trojan.Artemis!D498FDCEF62A, Artemis!ECFD9B7ABFC0, Artemis!D9A52A034513
55.56%

NANO AntiVirus
Riskware.Win32.Unwanted.dnutaa, Trojan.Win32.Inject.dpcnsi, Riskware.Win32.Unwanted.dqmtwu, Trojan.Win32.Vittalia.dqfrig
55.56%

Bkav FE
W32.HfsAdware
55.56%

Qihoo 360 Security
Win32/Trojan.5f3, Win32/Trojan.f78, Win32/Trojan.Multi.daf, HEUR/QVM41.1.Malware.Gen, Win32/Trojan.Downloader.b94, Win32/Trojan.3b0
50.00%

Baidu Antivirus
Adware.Win32.SpeedingUpMyPC, PUA.Win32.SpeedingUpMyPC, Adware.Win32.Genome, PUA.Win32.Rezimitpo
50.00%

G Data
Win32.Application.OptimizerPro, Gen:Variant.Adware.Mikey.11354
50.00%

Panda Antivirus
Trj/Genetic.gen, Trj/CI.A, PUP/OptimizerPro
50.00%

MicroWorld eScan
Trojan.GenericKD.2239329, Gen:Variant.Adware.Mikey.11354, Application.Generic.1266142, Trojan.Generic.13106562, Application.Generic.1283457
44.44%

Quick Heal
PUA.OptimizerPro.A8, PUA.Pcutilitie.Gen, TrojanDownloader.gen.r5
44.44%

The domain cdn2.chironexfleckerisilver.com has been seen to resolve to the following IP address.

185.59.223.24
new-york-2.cdn77.com
May 14, 2015

File downloads found at URLs served by cdn2.chironexfleckerisilver.com.

34 / 68    (PUP)
http://cdn2.chironexfleckerisilver.com/downloads/offers/.../OptimizerPro6.exe  (hqghumeaylnlf.exe)

18 / 68    (PUP)
http://cdn2.chironexfleckerisilver.com/downloads/offers/.../OptimizerPro8.exe  (6cec6fda12bcec13fa010e07089d84ad)

1 / 68      (PUP)
http://cdn2.chironexfleckerisilver.com/downloads/offers/.../pcmaestropowersuite_setup7.exe  (a2089a0848e4395605b777cd5d324b92)

26 / 68    (PUP)
http://cdn2.chironexfleckerisilver.com/downloads/offers/.../OptimizerPro4.exe  (27081f1125fcb718a7247193fefa7468)

33 / 68    (PUP)
http://cdn2.chironexfleckerisilver.com/downloads/offers/.../OptimizerPro9.exe  (hqghumeaylnlf.exe)

16 / 68    (PUP)
http://cdn2.chironexfleckerisilver.com/downloads/offers/.../aff_setup2.exe  (d498fdcef62a36fae6a148b5f82a0b4e)

4 / 68      (PUP)
http://cdn2.chironexfleckerisilver.com/downloads/offers/.../PCHealthKitUK.exe  (aire9d2.exe)

4 / 68      (PUP)
http://cdn2.chironexfleckerisilver.com/downloads/offers/.../PCHealthKit-others.exe  (9402e9ea578ad7ebab830b99d84c56b9)

6 / 68      (PUP)
http://cdn2.chironexfleckerisilver.com/downloads/offers/.../aff_setup.exe  (aird8b9.exe)

18 / 68    (PUP)
http://cdn2.chironexfleckerisilver.com/downloads/offers/.../OptimizerPro3.exe  (19c996592ade09b55e727c4adbce2dd7)

32 / 68    (PUP)
http://cdn2.chironexfleckerisilver.com/downloads/offers/.../OptimizerPro10.exe  (hqghumeaylnlf.exe)

30 / 68    (PUP)
http://cdn2.chironexfleckerisilver.com/downloads/offers/.../OptimizerPro14.exe  (hqghumeaylnlf.exe)

1 / 68      (PUP)
http://cdn2.chironexfleckerisilver.com/downloads/offers/.../pcmaestropowersuite_setup8.exe  (bf1015fb73c5ea55cbc4a5866b090519)

21 / 68    (PUP)
http://cdn2.chironexfleckerisilver.com/downloads/offers/.../OptimizerPro5.exe  (b28a09eae8266d377288d948e5f5ec09)

31 / 68    (PUP)
http://cdn2.chironexfleckerisilver.com/downloads/offers/.../OptimizerPro13.exe  (hqghumeaylnlf.exe)

10 / 68    (PUP)
http://cdn2.chironexfleckerisilver.com/downloads/offers/.../aff_setup3.exe  (d9a52a034513c65a48e8ac032dd5cb4d)

1 / 68      (PUP)
http://cdn2.chironexfleckerisilver.com/downloads/offers/.../DriverAssist-Setup.exe  (5757d897e02db9a0714bfbf104547fdc)

11 / 68    (Adware)
http://cdn2.chironexfleckerisilver.com/downloads/software/adamtest/.../setupShuffledInno.exe  (2a5e4dc63e2ac81c5f6a0032ebb08f4c)

The following 7 files have been seen to comunicate with cdn2.chironexfleckerisilver.com in live environments.

TCP » 185.59.223.24:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 185.59.223.24:443
beaglebrowser.exe (BeagleBrowser by The BeagleBrowser Authors)

TCP » 185.59.223.24:443
mustang.exe (Mustang Browser by Rafotech)

TCP » 185.59.223.24:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 185.59.223.24:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 185.59.223.24:443
online-guardian-v2.0.9.exe

TCP » 185.59.223.24:80
browser.exe (Browser)

TCP » 185.59.223.24:443
online-guardian-v2.0.9.exe

alimatechs.com

astrogemini.com

bandisoft.com

cdn77.net

cdn77.org

cleverfiles.com

compuclever.com

digitalflip.com

estgames.com

ewon.biz

flvtool.com

forex-tsd.com

hbfstech.net

iv-cdn.com

kerio.com

klasnetwork.com

loadto.net

mql4.com

ms-technology-inc.com

music-group.com

ootpdevelopments.com

phpmyadmin.net

pixelgun3d.com

playgemollection.com

playrix.com

poedit.net

poikosoft.com

progecad.com

sysweatheralert.space

sysweatheralert.website

30 of 31 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.