dexpot.de

Domain Information

Server location:
Berlin, Germany (DE)

Scanner detections:
Detections  (80% detected)

Scan engine
Details
Detections

Malwarebytes
PUP.Optional.OpenCandy, PUP.Optional.OpenCandy.A
94.12%

ESET NOD32
Win32/OpenCandy, Win32/OpenCandy (variant), Win32/OpenCandy.C potentially unsafe (variant), Win32/OpenCandy.A potentially unsafe (variant)
94.12%

Fortinet FortiGate
Adware/OpenCandy, Riskware/OpenCandy
70.59%

Dr.Web
Adware.OpenCandy.4, Adware.OpenCandy.7, Adware.OpenCandy.39, Adware.OpenCandy.55, Adware.OpenCandy.147, Adware.OpenCandy.183
70.59%

Trend Micro House Call
ADW_OPENCANDY, TROJ_GEN.F47V0106, TROJ_GEN.F47V0401, TROJ_GEN.F47V0609, Suspicious_GEN.F47V0722, Suspici.1E48FE7A, Suspicious_GEN.F47V0611
58.82%

Rising Antivirus
PE:PUF.OpenCandy!1.9DE5
52.94%

Agnitum Outpost
Riskware.OpenCandy, Riskware.Agent
52.94%

McAfee
Adware-OpenCandy!8A85F5AD22C6, Adware-OpenCandy!2FF7EB50E7B6, Artemis!5DA7E98522BC, Artemis!C9709047D4A4, Artemis!DC7C296825B5
35.29%

McAfee Web Gateway
Adware-OpenCandy!8A85F5AD22C6, Adware-OpenCandy!2FF7EB50E7B6, Artemis!5DA7E98522BC, BehavesLike.Win32.Tool.rc
35.29%

G Data
NSIS.Application.OpenCandy, Win32.Adware.OpenCandy, Win32.Application.OpenCandy
23.53%

Baidu Antivirus
Trojan.Win32.Agent, Adware.Win32.OpenCandy
23.53%

Trend Micro
ADW_OPENCANDY
17.65%

IKARUS anti.virus
PUA.OpenCandy
17.65%

avast!
Win32:Adware-gen [Adw]
17.65%

Bkav FE
W32.Clod3ad.Trojan, W32.Clodef1.Trojan
11.76%

The domain dexpot.de has been seen to resolve to the following 3 IP addresses.

w0d.rzone.de
April 6, 2016

54.115.226.46.in-addr.arpa
February 2, 2016

srv17.sysproserver.de
December 28, 2013

File downloads found at URLs served by dexpot.de.

0 / 68
http://dexpot.de/.../dexclock_13_r39.exe  (339a89a0ab4d685a555a66046ddcb5b9)

1 / 68
http://dexpot.de/.../dexpot_1614_r2439.exe  (041c0c175d702e4f6095f86f8ac75792)

0 / 68
http://dexpot.de/.../dexclock_13_r39.exe  (15e066a1a0a5591a7d40b02f5cc14bac)

0 / 68
http://dexpot.de/.../dexpot_1614_r2439.exe  (785cbaedb62178cb23b6cb1c25891c16)

14 / 68    (PUP)
http://dexpot.de/.../dexpot_1614_r2439.exe  (cdef20b8003cb3e1d1bd564e8ff696c2)

14 / 68    (PUP)
http://dexpot.de/.../dexpot_1614_r2439.exe  (5c3b730140c558bfe002979833632dca)

6 / 68      (PUP)
http://dexpot.de/.../dexpot_1614_r2439.exe  (b81a9c89ec57e20176ad3d8410fc400e)

6 / 68      (PUP)
http://dexpot.de/.../dexpot_167_r2249.exe  (dexpot 1.6.7 виртуальные рабочие столы.exe)

8 / 68      (PUP)
http://dexpot.de/.../dexpot_1614_r2439.exe  (c9709047d4a4428ceee63355f95dd09a)

3 / 68      (PUP)
http://dexpot.de/.../dexpot_1614_r2439.exe  (5e397fec87ab6404be7a03e6e27891e3)

8 / 68      (PUP)
http://dexpot.de/.../dexpot_1614_r2439.exe  (77d59e8affcdc1355883da895cd32b35)

9 / 68      (PUP)
http://dexpot.de/.../dexpot_164_r2186.exe  (00490e800ba9bac8368501775757f4f1)

5 / 68      (PUP)
http://dexpot.de/.../dexpot_1613_r2429.exe  (5da7e98522bc0672748c9eecd4421428)

7 / 68      (PUP)

7 / 68      (PUP)

6 / 68      (PUP)
http://dexpot.de/.../dexpot_1612_r2416.exe  (dexpot 1.6.12 build 2416free-20 различных виртуальных рабочих столов.exe)

8 / 68      (PUP)
http://dexpot.de/.../dexpot_166_r2227.exe  (7fc993bc9fed76a653c96c3c976cdc3b)

7 / 68      (PUP)
http://dexpot.de/.../dexpot_1611_r2394.exe  (5d8a21d4a2b379a37a695e8330b71b98)

7 / 68      (PUP)
http://dexpot.de/.../dexpot_1610_r2369.exe  (9cc49989909ceb29879ef48df37987af)

8 / 68      (PUP)
http://dexpot.de/.../dexpot_169_r2285.exe  (2ff7eb50e7b64da394247a334ff90550)

9 / 68      (PUP)
http://dexpot.de/.../dexpot_1610_r2373.exe  (8a85f5ad22c6b4d9246a17ea0ba2b19b)

The following 8 files have been seen to comunicate with dexpot.de in live environments.

October 29, 2015

December 28, 2013