home

dl.yac.mx

Name: Registration Private

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dallas, Texas within the United States which resides on the SoftLayer Technologies Inc. network.
Registrar:
GoDaddy.com

Server location:
Texas, United States (US)

ASN:
AS36351 SOFTLAYER - SoftLayer Technologies Inc.,US

Root domain:
yac.mx

Whois:
1 yac.mx record

Scanner detections:
Detections  (96% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.ElexdoBrasilParticipacoesa.n, PUP.Elex.YAC (M), PUP.Optional.Installer.W, PUP.Optional.Installer.S, PUP.Optional.Installer.D, PUP.Optional.Installer.ELEX, Threat.Thinknice.Installer, Win32.Generic.ELEX.Installer.Meta, PUP.Elex.Yac.Installer.Meta (M), PUP.Elex.Yac (M)
92.59%

ESET NOD32
Win32/ELEX (variant), Win32/ELEX.AS (variant), Win32/ELEX.BI (variant)
18.52%

Dr.Web
Adware.Mutabaha.99, Adware.Mutabaha.229, Win32.Sector.30
14.81%

AVG
Win.Threat.Medium, Win32/Sality
11.11%

Norman
Suspicious_Gen4.GXEQN, Win32.Sality.3
11.11%

F-Prot
W32/S-72a2296b, W32/Sality.gen2
11.11%

Emsisoft Anti-Malware
Trojan.GenericKD.2078221, Win32.Sality
11.11%

McAfee
Artemis!E322397ABC37, Program.Artemis!0C2BC46DBF42, Program.Artemis!6F62FC863453
11.11%

Baidu Antivirus
Adware.Win32.ELEX, Adware.Win32.Elex
7.41%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4721115
7.41%

G Data
Trojan.GenericKD.2078221, Win32.Application.Elex
7.41%

Bkav FE
W32.HfsAdware
7.41%

ESET NOD32
Win32/Sality.NBA virus
7.41%

Microsoft Security Essentials
Threat.Undefined
7.41%

avast!
Win32:Kukacka
7.41%

The domain dl.yac.mx has been seen to resolve to the following 10 IP addresses.

75.126.66.174
75.126.66.174-static.reverse.softlayer.com
May 30, 2014

75.126.66.173
75.126.66.173-static.reverse.softlayer.com
May 30, 2014

75.126.66.172
75.126.66.172-static.reverse.softlayer.com
May 30, 2014

75.126.66.163
75.126.66.163-static.reverse.softlayer.com
May 30, 2014

75.126.66.162
75.126.66.162-static.reverse.softlayer.com
May 30, 2014

75.126.20.222
75.126.20.222-static.reverse.softlayer.com
May 30, 2014

75.126.20.221
75.126.20.221-static.reverse.softlayer.com
May 30, 2014

75.126.20.219
75.126.20.219-static.reverse.softlayer.com
May 30, 2014

75.126.134.25
75.126.134.25-static.reverse.softlayer.com
May 30, 2014

75.126.134.24
75.126.134.24-static.reverse.softlayer.com
May 30, 2014

File downloads found at URLs served by dl.yac.mx.

1 / 68      (PUP)
http://dl.yac.mx/download/.../yet_another_cleaner_sk_0.exe  (ad4d8962a31241a5b9b06e361165593c)

1 / 68      (PUP)
http://dl.yac.mx/download/.../yet_another_cleaner_sk_217062.exe  (~dl2F88.exe)

1 / 68      (PUP)
http://dl.yac.mx/download/.../yet_another_cleaner_sk.exe  (1d95122a32aa0f019ca166fec08a7e2e)

2 / 68      (PUP)
http://dl.yac.mx/download/.../yet_another_cleaner_smt.exe  (yet_another_cleaner_sk.exe)

0 / 68
http://dl.yac.mx/download/.../yac.exe  (41eabd65ece5bf4e66522821774e9d68)

18 / 68    (Adware)
http://dl.yac.mx/update/wz/1.5.81/.../YacDl6_4_nsis_sign.exe  (zip_update_v1.5.81.exe)

1 / 68      (PUP)
http://dl.yac.mx/download/.../yet_another_cleaner_bhr_3380.exe  (~dl2F88.exe)

1 / 68      (PUP)
http://dl.yac.mx/download/.../yet_another_cleaner_bhr_307.exe  (~dl2F88.exe)

1 / 68      (PUP)
http://dl.yac.mx/download/.../yet_another_cleaner_sfto.exe  (yet_another_cleaner_nee.exe)

1 / 68      (PUP)
http://dl.yac.mx/download/.../yet_another_cleaner_sk_3057525.exe  (~dl2F88.exe)

1 / 68      (PUP)
http://dl.yac.mx/download/.../yet_another_cleaner_pado.exe  (yet_another_cleaner_sftc.exe)

1 / 68      (PUP)
http://dl.yac.mx/download/.../yet_another_cleaner_ptt_5840364.exe  (~dl2F88.exe)

1 / 68      (PUP)
http://dl.yac.mx/download/.../yet_another_cleaner_sk_78058.exe  (~dl2F88.exe)

1 / 68      (PUP)
http://dl.yac.mx/.../iSafe_setup.exe  (2948122fcf8c8e902cb3eb06327e2718)

1 / 68      (PUP)
http://dl.yac.mx/download/.../yet_another_cleaner_sk_7723131.exe  (~dl2F88.exe)

2 / 68      (PUP)
http://dl.yac.mx/update/isafe/5.6.121/.../iSafe_setup_Release_win32_5.6.121.19606_2014.12.04.exe  (yac.exe)

1 / 68      (PUP)
http://dl.yac.mx/download/.../yet_another_cleaner_ptt_107862.exe  (~dl2F88.exe)

10 / 68    (PUP)
http://dl.yac.mx/update/wz/1.5.86/.../YacDl6_2015.2.4_2.exe  (6f592fc8613d1d81b02ff8bde9966c92)

12 / 68    (PUP)
http://dl.yac.mx/update/new.2.0/wz/1.5.90/.../YacDl6_2015.3.5_out.exe  (98f90d154b9b9ecbd3092199cf8d0a26)

1 / 68      (PUP)
http://dl.yac.mx/download/.../yet_another_cleaner_sk_6134524.exe  (~dl2F88.exe)

1 / 68      (PUP)
http://dl.yac.mx/download/.../dsk.exe  (b0d7ab7054cca0a5d0df30415ccb72ce)

1 / 68      (PUP)
http://dl.yac.mx/download/.../yet_another_cleaner_sk_7356380.exe  (~dl2F88.exe)

1 / 68      (Malware)
http://dl.yac.mx/download/.../yet_another_cleaner_sk_2625781.exe  (a04f1a4655052d20efc48afd56353ca2)

1 / 68      (PUP)
http://dl.yac.mx/download/.../yet_another_cleaner_sk_5578877.exe  (~dl2F88.exe)

1 / 68      (PUP)
http://dl.yac.mx/download/.../yet_another_cleaner_sftc.exe  (yet_another_cleaner_nee.exe)

1 / 68      (PUP)
http://dl.yac.mx/download/.../yet_another_cleaner_sk_110370.exe  (~dl2F88.exe)

4 / 68      (Adware)
http://dl.yac.mx/update/new.2.0/px/2.1.6/.../Picexa_setup_update.exe  (e2a4e8dac6efaa7ff25c2b8e34863910)

1 / 68      (PUP)
http://dl.yac.mx/download/.../yet_another_cleaner_sk_5721036.exe  (~dl2F88.exe)

2 / 68      (PUP)
http://dl.yac.mx/update/isafe/3.8.20/.../iSafe_upgrade_Release_win32_3.8.20.6435_2013.12.30.exe  (315b0e835f50fa9d216981cf9f40b201)

1 / 68      (PUP)
http://dl.yac.mx/.../iSafe_setup_smod.exe  (3da947a6824ac53f92948aa23d076ab6)

 
Latest 30 of 117 download URLs

The following 30 files have been seen to comunicate with dl.yac.mx in live environments.

TCP » 75.126.66.172:80
iSafeSvc2.exe (YAC Security Protection by Elex do Brasil Participaçõesa)

TCP » 75.126.66.162:80
iSafeSvc2.exe (YAC Security Protection by Elex do Brasil Participaçõesa)

TCP » 75.126.66.162:80
ipcdl.exe (YAC Security Protection by Elex do Brasil Participaçõesa)

TCP » 75.126.66.172:80
dup.exe (DUP by Woodtale Technology)

TCP » 75.126.66.172:80
ipcdl.exe (YAC Security Protection by Elex do Brasil Participaçõesa)

TCP » 75.126.66.172:80
isafe.exe (YAC Security Protection by Elex do Brasil Participaçõesa)

TCP » 75.126.66.172:80
iSafeUpdate.exe (YAC Security Protection by Elex do Brasil Participaçõesa)

TCP » 75.126.66.162:80
isafe.exe (YAC Security Protection by Elex do Brasil Participaçõesa)

TCP » 75.126.66.172:80
ipcdl.exe (YAC Security Protection by Elex do Brasil Participaçõesa)

TCP » 75.126.66.162:80
ipcdl.exe (YAC Security Protection by Elex do Brasil Participaçõesa)

TCP » 75.126.66.172:80
isafe.exe (YAC Security Protection by Elex do Brasil Participaçõesa)

TCP » 75.126.66.162:80
isafe.exe (YAC Security Protection by Elex do Brasil Participaçõesa)

TCP » 75.126.66.172:80
ipcdl.exe

TCP » 75.126.66.162:80
iSafeUpdate.exe (YAC Security Protection by Elex do Brasil Participaçõesa)

TCP » 75.126.66.162:80
iSafeUpdate.exe (YAC Security Protection by Elex do Brasil Participaçõesa)

TCP » 75.126.66.172:80
iSafeUpdate.exe (YAC Security Protection by Elex do Brasil Participaçõesa)

TCP » 75.126.66.172:80
iSafeUpdate.exe (YAC Security Protection by Elex do Brasil Participaçõesa)

TCP » 75.126.66.162:80
iSafeUpdate.exe (YAC Security Protection by Elex do Brasil Participaçõesa)

TCP » 75.126.66.162:80
ipcdl.exe

TCP » 75.126.20.219:80
iSafeSvc2.exe (YAC Security Protection by Elex do Brasil Participaçõesa)

 
Latest 20 of 69 files

URL:
http://dl.yac.mx/

Web server:
nginx

337.com

elexspot.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.