home

get.sdfjow3f.xyz

Domain Information

Server location:
Virginia, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:
sdfjow3f.xyz

Scanner detections:
Detections  (97% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.C4DLMedia (M), Threat.Win.Reputation.IMP, PUP.C4DLMedia.Installer (M), PUP.C4DLMedi (M)
97.44%

Kaspersky
not-a-virus:AdWare.Win32.Agent
10.26%

F-Secure
Application:W32/Generic.70053c248f!Online, Variant.Application.LoadMoney
5.13%

Emsisoft Anti-Malware
Gen:Variant.Application.LoadMoney.78
5.13%

Norman
Gen:Variant.Application.LoadMoney.78
5.13%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A
2.56%

VIPRE Antivirus
Threat.4725471
2.56%

Lavasoft Ad-Aware
Gen:Variant.Application.LoadMoney.78
2.56%

The domain get.sdfjow3f.xyz has been seen to resolve to the following 86 IP addresses.

52.85.131.220
server-52-85-131-220.iad53.r.cloudfront.net
May 21, 2016

52.85.131.124
server-52-85-131-124.iad53.r.cloudfront.net
May 21, 2016

52.85.131.114
server-52-85-131-114.iad53.r.cloudfront.net
May 21, 2016

52.85.131.109
server-52-85-131-109.iad53.r.cloudfront.net
May 21, 2016

52.85.131.14
server-52-85-131-14.iad53.r.cloudfront.net
May 21, 2016

52.85.131.241
server-52-85-131-241.iad53.r.cloudfront.net
May 21, 2016

52.85.131.235
server-52-85-131-235.iad53.r.cloudfront.net
May 21, 2016

52.85.131.226
server-52-85-131-226.iad53.r.cloudfront.net
April 17, 2016

52.85.131.191
server-52-85-131-191.iad53.r.cloudfront.net
April 17, 2016

52.85.131.98
server-52-85-131-98.iad53.r.cloudfront.net
April 17, 2016

52.85.131.37
server-52-85-131-37.iad53.r.cloudfront.net
April 17, 2016

52.85.131.36
server-52-85-131-36.iad53.r.cloudfront.net
April 17, 2016

54.230.102.66
server-54-230-102-66.iad2.r.cloudfront.net
April 14, 2016

54.230.102.55
server-54-230-102-55.iad2.r.cloudfront.net
April 14, 2016

54.230.102.210
server-54-230-102-210.iad2.r.cloudfront.net
April 11, 2016

54.230.102.198
server-54-230-102-198.iad2.r.cloudfront.net
April 11, 2016

54.230.102.190
server-54-230-102-190.iad2.r.cloudfront.net
April 11, 2016

54.230.102.74
server-54-230-102-74.iad2.r.cloudfront.net
April 11, 2016

54.230.102.60
server-54-230-102-60.iad2.r.cloudfront.net
April 11, 2016

54.230.102.22
server-54-230-102-22.iad2.r.cloudfront.net
April 11, 2016

52.85.131.74
server-52-85-131-74.iad53.r.cloudfront.net
April 9, 2016

52.85.131.38
server-52-85-131-38.iad53.r.cloudfront.net
April 9, 2016

52.85.131.20
server-52-85-131-20.iad53.r.cloudfront.net
April 9, 2016

52.85.131.230
server-52-85-131-230.iad53.r.cloudfront.net
April 9, 2016

52.85.131.182
server-52-85-131-182.iad53.r.cloudfront.net
April 9, 2016

52.85.142.198
server-52-85-142-198.iad12.r.cloudfront.net
April 6, 2016

52.85.142.197
server-52-85-142-197.iad12.r.cloudfront.net
April 6, 2016

52.85.142.190
server-52-85-142-190.iad12.r.cloudfront.net
April 6, 2016

52.85.142.113
server-52-85-142-113.iad12.r.cloudfront.net
April 6, 2016

52.85.142.104
server-52-85-142-104.iad12.r.cloudfront.net
April 6, 2016

 
Showing 30 of 86 IP Addresses

File downloads found at URLs served by get.sdfjow3f.xyz.

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=CA5AE623-7D90-43B3-AD51-3A066BADA166  (gang beasts.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=1ED9B9C0-D7BE-4314-BC30-35B3F0571476  (gta 5 pc.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=948BA639-08E6-46F5-AAA8-5A01BB2032E7  (the forest pc.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=177DC86F-05B3-4C3B-A613-71D3AC0720E4  (age of mythology extended edition pc.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=22923BA4-64E6-4E11-902C-DC8EE34CBA7C  (gta 5 pc.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=798133C5-B8BB-4908-8D92-F24FEA19DF20  (setup.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=DDDCF1AA-D029-418B-B3F3-01BE93BD885B  (terraria.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=9DFC7635-9682-46C7-90BD-465A9F99FC0D  (boat trip.este.barco.es.un.peligro[dvdrip][spanish].exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=8E99635D-C85F-4AD3-90D1-654A89B11ADE  (cod black ops 3.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=EF1C1860-0363-4921-AD90-B4D549E75FA3  (simcity 5 pc.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=0DC581A5-ABA8-4E47-B4CD-48A001C8B617  (va - hypnotic presents maximes ministry of bounce_ april 2008 (4.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=51D0B44A-F546-416F-92B0-8D8BB6AE07A3  (deamon tools.exe)

2 / 68      (false positives)
http://get.sdfjow3f.xyz/get.php?ses=2DFDC305-D47F-4B1E-BE67-BEDEDB92BDB4  (wrar420.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=D1070B16-F002-419D-B3CD-00DFDD7D0278  (dos hombres y un destino.(paul newman).(dvdrip.divx.spanish)..exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=C7947DA8-F933-4458-ABE7-7C12B0F0A8D9  (plants vs zombies garden warfare.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=9078EED0-2145-43D2-93CE-5EA9ED3D2412  (phil.spector.2013 hdrip xvid juggs.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=909EC07B-049F-433D-B7E9-7B3A1FFE91DE  (phil.spector.2013 hdrip xvid juggs.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=CD5FB7C1-E030-4183-9C16-A9FD64743154  (cod black ops 3.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=D3E5DBC5-93F9-4F60-82D7-22626FF73B47  (windows7activator.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=E1701317-3F77-4828-914C-1A9211B9B58C  (dying light pc.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=17EDFD53-0E6C-47C4-B00A-905E1B13E8C6  (police force 2 pc.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=F75D7B2D-58F8-4A45-99BC-2DCC6A344736  (police force 2 pc.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=76598733-4380-4841-9520-913243EE5066  (gta 5 pc.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=19B231B8-F7E4-4ADE-ACBF-B0DD88B1C6A3  (sleeping dogs_ definitive edition {update 1} repac.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=CAD484DD-8A6C-41AC-BD11-1832024AF6CE  (FlashPlayer.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=AA9737AC-4F00-452D-965E-0CBBE1B002F5  (FlashPlayer.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=185FEB3E-BC64-40C0-A225-1CDC04A32E79  (pokemon - fire red.gba.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=FE89B470-A1BF-4EF9-AE13-3FDAAC0CC1C8  (dragon ball xenoverse pc.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=D1182ADF-DDB5-42BE-9D1A-B83D3EBA7ED6  (dragon ball xenoverse pc.exe)

1 / 68      (PUP)
http://get.sdfjow3f.xyz/get.php?ses=B518C89E-42BF-4937-9F8D-32B9941BA462  (lego le hobbit pc.exe)

 
Latest 30 of 39 download URLs

The following 22 files have been seen to comunicate with get.sdfjow3f.xyz in live environments.

TCP » 54.192.195.111:443
online-guardian-v2.0.9.exe

TCP » 52.85.142.190:80
browser.exe (Browser)

TCP » 54.192.195.235:443
online-guardian.exe

TCP » 54.192.195.235:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.80:80
beamrise.exe (Beamrise by The Beamrise Authors)

TCP » 52.85.142.190:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.192.195.111:443
apptrailers.exe

TCP » 52.85.142.104:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.198:443
citrio.exe (Citrio by CatalinaGroup)

TCP » 52.85.142.198:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.192.195.26:443
onlineguardian-v2.exe

TCP » 52.85.142.198:443
online-guardian-v2.0.9.exe

TCP » 52.85.142.104:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.236:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.192.195.177:443
online-guardian.exe

TCP » 54.192.195.177:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.190:80
browser.exe (Browser)

TCP » 54.192.195.104:443
browser.exe (speed browser by Fast Applications)

TCP » 52.85.131.230:443
browser.exe (Browser)

TCP » 52.85.142.198:443
munk.exe (Munk)

 
Latest 20 of 54 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.