» get.free-me-ic.xyz
Overview
Analysis
IPs Addresses (16)
Downloads (2)
Network (2)

get.free-me-ic.xyz

Domain Information

Server location:

Washington, United States (US)

ASN:

AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:

free-me-ic.xyz

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Emsisoft Anti-Malware

Gen:Variant.Razy.12013

100.00%

Microsoft Security Essentials

Threat.Undefined

100.00%

VIPRE Antivirus

Threat.4150696

100.00%

McAfee

Trojan.Downloader-FAZR!3F43339B2175, Trojan.Downloader-FAZR!2E4DC50358DC

100.00%

Kaspersky

not-a-virus:Downloader.Win32.AdLoad

100.00%

ESET NOD32

Win32/IStartSurf.A potentially unwanted application

100.00%

Dr.Web

infected with Trojan.Vittalia.800

50.00%

Reason Heuristics

PUP.Vittalia (M)

50.00%

Norman

Gen:Variant.Razy.12013

50.00%

AVG

Adware Generic_r.AVQ

50.00%

Sophos

PUA 'AdLoad'

50.00%

The domain get.free-me-ic.xyz has been seen to resolve to the following 16 IP addresses.

52.85.131.188

server-52-85-131-188.iad53.r.cloudfront.net

April 5, 2016

52.85.131.186

server-52-85-131-186.iad53.r.cloudfront.net

April 5, 2016

52.85.131.175

server-52-85-131-175.iad53.r.cloudfront.net

April 5, 2016

52.85.131.154

server-52-85-131-154.iad53.r.cloudfront.net

April 5, 2016

52.85.131.122

server-52-85-131-122.iad53.r.cloudfront.net

April 5, 2016

52.85.131.106

server-52-85-131-106.iad53.r.cloudfront.net

April 5, 2016

52.85.131.12

server-52-85-131-12.iad53.r.cloudfront.net

April 5, 2016

52.85.131.224

server-52-85-131-224.iad53.r.cloudfront.net

April 5, 2016

54.192.195.36

server-54-192-195-36.iad53.r.cloudfront.net

March 4, 2016

54.192.195.17

server-54-192-195-17.iad53.r.cloudfront.net

March 4, 2016

54.192.195.12

server-54-192-195-12.iad53.r.cloudfront.net

March 4, 2016

54.192.195.11

server-54-192-195-11.iad53.r.cloudfront.net

March 4, 2016

54.192.195.188

server-54-192-195-188.iad53.r.cloudfront.net

March 4, 2016

54.192.195.186

server-54-192-195-186.iad53.r.cloudfront.net

March 4, 2016

54.192.195.127

server-54-192-195-127.iad53.r.cloudfront.net

March 4, 2016

54.192.195.102

server-54-192-195-102.iad53.r.cloudfront.net

March 4, 2016

File downloads found at URLs served by get.free-me-ic.xyz.

6 / 68 (PUP)

http://get.free-me-ic.xyz/?affId=1006&appTitle=Maya (2015).720p.BluRay.x264.mkv&s1=540&s2=4814497&setupName=cpSetup&appVersion=2.92&instId=11 (cpsetup.exe)

11 / 68 (PUP)

http://get.free-me-ic.xyz/?affId=1006&appTitle=GTA 5 2015 RG Mechanics game pc&s1=1453&s2=4710225&setupName=cpSetup&appVersion=2.92&instId=11 (cpsetup.exe)

The following 2 files have been seen to comunicate with get.free-me-ic.xyz in live environments.

TCP » 54.192.195.11:443

onlineguardian-v2.exe

TCP » 52.85.131.106:443

rlvknlg.exe (Relevant-Knowledge by TMRG)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.