dl.softohqimjjedf0jq.net

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain dl.softohqimjjedf0jq.net is registered by proxy through GODADDY.COM, LLC and was originally registered in September of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in New York City, New York, United States, on the nLayer Communications Internal/Backbone network.
Remove Malware from dl.softohqimjjedf0jq.net - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
New York, United States (US)

Create date:
Thursday, September 19, 2013

Expires date:
Saturday, September 19, 2015

Updated date:
Tuesday, October 07, 2014

ASN:
AS4436 AS-GTT-4436 - nLayer Communications, Inc.,US

Scanner detections:
Detections  (96% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.RAPIDDOWN.R, PUP.RAPIDDOWN.I, PUP.RAPIDDOWN.F, PUP.Installer.AppsInstallerSL.S, PUP.FIRSERIASL.Q, PUP.Installer.RAPIDDOWN.F, PUP.RAPIDDOWN.Q, PUP.FIRSERIASL.M, PUP.FIRSERIASL.W, PUP.Installer.FIRSERIASL.L, PUP.Installer.AppsInstallerSL.M, PUP.FIRSERIASL.K, PUP.Installer.RAPIDDOWN.I, PUP.PortalProgramas.G, Threat.Solimba.Bundler, PUP.Solimba.PortalProgramas (M), PUP.Solimba.RAPIDDOWN.Bundler (M), PUP.Solimba.FIRSERIA.Bundler (M)
100.00%

Sophos
Solimba Installer
75.00%

Vba32 AntiVirus
Downloader.Morstar, Downware.Morstar
75.00%

AVG
MalSign.Generic, AdInstaller.Firseria, BundleApp, BundleApp.J, Adware AdInstaller.Firseria, Adware BundleApp.F, Adware BundleApp.R
75.00%

Malwarebytes
PUP.Optional.Firseria, PUP.Optional.Rapiddown
70.83%

Kaspersky
not-a-virus:Downloader.Win32.Morstar, not-a-virus:Downloader.Win32.Firser
70.83%

Dr.Web
Trojan.DownLoader11.3085, Adware.Downware.1433, Trojan.DownLoader11.3153, Trojan.DownLoader11.3311, Adware.Downware.1433, Adware.Downware.1433
70.83%

VIPRE Antivirus
Trojan.Win32.Generic, DownloadMR, Threat.4782980, Threat.4150696
70.83%

Avira AntiVirus
TR/Dropper.Gen, APPL/Firseria.Gen, TR/Rogue.10404664, APPL/Firseria.A.13, TR/Crypt.ULPM.Gen, APPL/Bechiro.B
70.83%

Kingsoft AntiVirus
Win32.Troj.DownMorstar.o.(kcloud), Win32.Troj.Generic.a.(kcloud)
70.83%

Rising Antivirus
PE:PUF.FirseriaInstaller@CV!1.9C54, PE:PUA.FirseriaInstaller@CV!1.9C54, PE:PUF.FirseriaInstaller@CV!1.5C42
70.83%

NANO AntiVirus
Trojan.Win32.Morstar.creklv, Trojan.Win32.Morstar.cslwyy, Trojan.Win32.Morstar.csnpwt, Trojan.Win32.Morstar.cslwnq
66.67%

G Data
Win32.Application.FirseriaInstaller, Gen:Application.Bundler.Firseria, Win32.Application.Craftor, Win32.Application.Morstar
66.67%

ESET NOD32
Win32/FirseriaInstaller (variant)
58.33%

K7 Gateway Antivirus
Unwanted-Program, Trojan
54.17%

The domain dl.softohqimjjedf0jq.net has been seen to resolve to the following 48 IP addresses.


File downloads found at URLs served by dl.softohqimjjedf0jq.net.


The following 450 files have been seen to communicate with dl.softohqimjjedf0jq.net in live environments.


URL:
http://dl.softohqimjjedf0jq.net/

Web server:
AkamaiGHost
