home

get.skdfw8hfjskdf.xyz

Domain Information

Server location:
Washington, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:
skdfw8hfjskdf.xyz

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

ESET NOD32
Win32/IStartSurf.C potentially unwanted application
100.00%

Microsoft Security Essentials
Threat.Undefined
100.00%

Kaspersky
Trojan-Downloader.Win32.Small, not-a-virus:AdWare.Win32.StartSurf
100.00%

Norman
Trojan.Generic.15502117, Trojan.Generic.15586127, Gen:Application.Heur.gu6@HDGxfzni, Gen:Application.Heur.gu6@H52PaGai
100.00%

Emsisoft Anti-Malware
Trojan.Generic.15502117, Gen:Application.Heur.gu6@HDGxfzni, Gen:Application.Heur.gu6@H52PaGai, Trojan.Generic.15586127
80.00%

AVG
Adware BundleApp_r.BC
80.00%

Reason Heuristics
Adware.Bundler (M)
80.00%

McAfee
Trojan.Trojan-FHMF!DC87943DD130, Trojan.Trojan-FHMF!F669771D44D0, Trojan.Trojan-FHMF!FCEE4507D957, Trojan.Trojan-FHMF!7A8AAC0ED27A
80.00%

Dr.Web
Detection.Undefined
60.00%

VIPRE Antivirus
Threat.4150696
60.00%

F-Secure
Trojan.Generic.15502117
20.00%

Sophos
PUA 'AdLoad'
20.00%

The domain get.skdfw8hfjskdf.xyz has been seen to resolve to the following 37 IP addresses.

52.84.125.91
server-52-84-125-91.iad16.r.cloudfront.net
July 21, 2016

52.84.125.31
server-52-84-125-31.iad16.r.cloudfront.net
July 21, 2016

52.84.125.24
server-52-84-125-24.iad16.r.cloudfront.net
July 21, 2016

52.84.125.13
server-52-84-125-13.iad16.r.cloudfront.net
July 21, 2016

52.84.125.12
server-52-84-125-12.iad16.r.cloudfront.net
July 21, 2016

52.84.125.250
server-52-84-125-250.iad16.r.cloudfront.net
July 21, 2016

52.84.125.226
server-52-84-125-226.iad16.r.cloudfront.net
July 21, 2016

52.84.125.190
server-52-84-125-190.iad16.r.cloudfront.net
July 21, 2016

52.85.131.165
server-52-85-131-165.iad53.r.cloudfront.net
July 6, 2016

52.85.131.38
server-52-85-131-38.iad53.r.cloudfront.net
July 6, 2016

52.85.131.222
server-52-85-131-222.iad53.r.cloudfront.net
July 6, 2016

52.85.131.208
server-52-85-131-208.iad53.r.cloudfront.net
July 6, 2016

52.85.131.196
server-52-85-131-196.iad53.r.cloudfront.net
July 6, 2016

52.85.131.183
server-52-85-131-183.iad53.r.cloudfront.net
July 6, 2016

52.85.131.214
server-52-85-131-214.iad53.r.cloudfront.net
May 21, 2016

52.85.131.181
server-52-85-131-181.iad53.r.cloudfront.net
May 21, 2016

52.85.131.170
server-52-85-131-170.iad53.r.cloudfront.net
May 21, 2016

52.85.131.148
server-52-85-131-148.iad53.r.cloudfront.net
May 21, 2016

52.85.131.102
server-52-85-131-102.iad53.r.cloudfront.net
May 21, 2016

52.85.131.23
server-52-85-131-23.iad53.r.cloudfront.net
May 21, 2016

52.85.131.21
server-52-85-131-21.iad53.r.cloudfront.net
May 21, 2016

54.230.102.173
server-54-230-102-173.iad2.r.cloudfront.net
April 14, 2016

54.230.102.122
server-54-230-102-122.iad2.r.cloudfront.net
April 14, 2016

54.230.102.112
server-54-230-102-112.iad2.r.cloudfront.net
April 14, 2016

54.230.102.101
server-54-230-102-101.iad2.r.cloudfront.net
April 14, 2016

54.230.102.31
server-54-230-102-31.iad2.r.cloudfront.net
April 14, 2016

54.230.102.5
server-54-230-102-5.iad2.r.cloudfront.net
April 14, 2016

54.230.102.248
server-54-230-102-248.iad2.r.cloudfront.net
April 14, 2016

54.230.102.237
server-54-230-102-237.iad2.r.cloudfront.net
April 14, 2016

52.85.131.66
server-52-85-131-66.iad53.r.cloudfront.net
April 13, 2016

 
Showing 30 of 37 IP Addresses

File downloads found at URLs served by get.skdfw8hfjskdf.xyz.

10 / 68    (PUP)
http://get.skdfw8hfjskdf.xyz/?affId=1006&appTitle=Inji Iduppazhagi 2015.Tamil.HDRip.XviD.AC3-Evk&s1=537&s2=5078737&setupName=cpSetup&appVersion=2.92&instId=11  (cpsetup.exe)

10 / 68    (PUP)
http://get.skdfw8hfjskdf.xyz/?affId=1006&appTitle=WINDOWS 7 ALL IN ONE PRE-ACTIVATED&s1=431&s2=5068421&setupName=cpSetup&appVersion=2.92&instId=11  (cpsetup.exe)

7 / 68      (PUP)
http://get.skdfw8hfjskdf.xyz/?affId=1006&appTitle=Oraalpokkam (2015).720p.BluRay.x264.mkv&s1=540&s2=4814491&setupName=cpSetup&appVersion=2.92&instId=11  (cpsetup.exe)

9 / 68      (PUP)
http://get.skdfw8hfjskdf.xyz/?affId=1006&appTitle=Jazbaa (2015).hindi.720p.hdrip.264.acc&s1=2299&s2=5107596&setupName=cpSetup&appVersion=2.92&instId=11  (cpsetup.exe)

8 / 68      (PUP)
http://get.skdfw8hfjskdf.xyz/?affId=1006&appTitle=Autodesk AutoCAD v.2016 [32-64 Bit]&s1=1453&s2=4888908&setupName=cpSetup&appVersion=2.92&instId=11  (cpsetup.exe)

The following 14 files have been seen to comunicate with get.skdfw8hfjskdf.xyz in live environments.

TCP » 52.85.131.148:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.226:80
se.exe

TCP » 52.84.125.12:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.12:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.13:443
online-guardian-v2.0.9.exe

TCP » 52.84.125.12:80
Trezaa.Service.exe (Trezaa.Service by Microsoft)

TCP » 52.84.125.250:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.12:443
UCBrowser.exe (by UCWeb)

TCP » 52.84.125.12:80
Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.84.125.13:80
Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.84.125.12:80
browser.exe (speed browser by Smart Applications)

TCP » 52.84.125.226:443
online-guardian-v2.0.9.exe

TCP » 52.84.125.226:443
ManyCam.exe (ManyCam Virtual Webcam by Visicom Media)

TCP » 52.84.125.226:80
Trezaa.Service.exe (Trezaa.Service by Microsoft)

TCP » 52.84.125.24:80
Trezaa.Service.exe (Trezaa.Service by Microsoft)

TCP » 52.84.125.24:80
Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.84.125.31:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.84.125.226:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.84.125.31:443
ManyCam.exe (ManyCam Virtual Webcam by Visicom Media)

TCP » 52.85.131.196:80
SimpleDriverUpdater.exe (Simple Driver Updater)

 
Latest 20 of 30 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.