evaporez.com

Gabrielle Ezerzer

Domain Information

The domain evaporez.com, registered by Gabrielle Ezerzer, was first registered in March 2014 through GODADDY.COM, LLC. The domain is currently known to host various forms of malware. Its hosting servers are located in Scottsdale, Arizona, in the United States, on the GoDaddy.com, LLC network.
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Friday, March 14, 2014

Expires date:
Tuesday, March 14, 2017

Updated date:
Saturday, March 26, 2016

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC,US

Scanner detections:
Malware distribution  (94% detected)

| Scan engine | Details | Detections |
|---|---|---|
| Kaspersky | Trojan-Dropper.Win32.Injector, UDS:DangerousObject.Multi.Generic, Trojan.Win32.Diple, Backdoor.Win32.Androm, Trojan.Win32.Yakes, Trojan.Win32.Agent.netdrm | 100.00% |
| avast! | Win32:Malware-gen, Win32:Dropper-gen [Drp] | 76.47% |
| Dr.Web | Win32.HLLW.Phorpiex.54, Trojan.PWS.Siggen1.41536, Trojan.Siggen6.23087, Trojan.Inject2.8376 | 76.47% |
| Qihoo 360 Security | Win32/Trojan.Dropper.b98, QVM19.1.Malware.Gen, QVM05.1.Malware.Gen, HEUR/QVM10.1.Malware.Gen, HEUR/QVM05.1.Malware.Gen, HEUR/QVM42.1.Malware.Gen | 76.47% |
| McAfee | GenericR-EYH!C68EB71A17E6, GenericR-EYH!8E47BAFAE56F, Trojan.Artemis!D1F5874259BC, Artemis!E3F68F7A342B, Virus.Artemis!3B12F3E0F015, Artemis!17F71169DD15 | 70.59% |
| ESET NOD32 | Win32/Injector.CLUQ (variant), Win32/Injector.CLWY (variant), Win32/Boaxxe.BR, Win32/Injector.CMAR (variant), Win32/Injector.CMHG (variant) | 70.59% |
| Emsisoft Anti-Malware | Gen:Variant.Zusy.168537, Trojan.Win32.Injector, Gen:Variant.Mikey.27490, Trojan.GenericKD.2865766, Trojan.GenericKD.2867415 | 70.59% |
| Avira AntiVirus | DR/Delphi.A.9444, DR/Delphi.A.9430, TR/AD.Boaxxe.Y.347, TR/Crypt.Xpack.313468, TR/Crypt.Xpack.313859, TR/Injector.47616.17 | 70.59% |
| Baidu Antivirus | Trojan.Win32.Dropper, Backdoor.Win32.Androm, Trojan.Win32.Generik, Trojan.Win32.Injector | 70.59% |
| K7 AntiVirus | Trojan | 64.71% |
| VIPRE Antivirus | Trojan.Win32.Generic, Threat.144508, Backdoor.IRCBot | 64.71% |
| G Data | Gen:Variant.Zusy.168537, Win32.Trojan.Agent.3GYTB8, Gen:Variant.Mikey.27490, Trojan.GenericKD.2865766, Win32.Trojan.Agent.76INR3 | 64.71% |
| MicroWorld eScan | Gen:Variant.Zusy.168537, Gen:Variant.Mikey.27490, Trojan.GenericKD.2865766, Trojan.GenericKD.2867415, Trojan.GenericKD.2853521 | 58.82% |
| NANO AntiVirus | Trojan.Win32.Injector.dylvmi, Trojan.Win32.Androm.dymkky, Trojan.Win32.Agent.dyoyju | 58.82% |
| Bitdefender | Gen:Variant.Zusy.168537, Gen:Variant.Mikey.27490, Trojan.GenericKD.2865766, Trojan.GenericKD.2867415, Trojan.GenericKD.2853521 | 58.82% |

The domain evaporez.com has been seen to resolve to the following 8 IP addresses.


File downloads found at URLs served by evaporez.com.


The following 103 files have been seen to communicate with evaporez.com in live environments.

 
Latest 20 of 104 files

URL:
http://evaporez.com/

Title:
“Site Unavailable”

Web server:
Microsoft-IIS/7.5 (ASP.NET) (Version: 4.0.30319)

Facebook:
Likes:  5
Shares:  1

Statistics above are for the previous month of March 2024.