» go.perandf.space
Overview
Analysis
IPs Addresses (8)
Downloads (1)
Network (18)

go.perandf.space

Domain Information

Server location:

Washington, United States (US)

ASN:

AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.iStartSurf.FutureSo (M)

100.00%

The domain go.perandf.space has been seen to resolve to the following 8 IP addresses.

server-52-85-142-56.iad12.r.cloudfront.net

May 28, 2016

server-52-85-142-42.iad12.r.cloudfront.net

May 28, 2016

server-52-85-142-24.iad12.r.cloudfront.net

May 28, 2016

server-52-85-142-226.iad12.r.cloudfront.net

May 28, 2016

server-52-85-142-216.iad12.r.cloudfront.net

May 28, 2016

server-52-85-142-182.iad12.r.cloudfront.net

May 28, 2016

server-52-85-142-125.iad12.r.cloudfront.net

May 28, 2016

server-52-85-142-113.iad12.r.cloudfront.net

May 28, 2016

File downloads found at URLs served by go.perandf.space.

1 / 68 (PUP)

http://go.perandf.space/?ses=71644609794020608 (fylm_fandam_2dym_almwt_try2y.exe)

The following 18 files have been seen to comunicate with go.perandf.space in live environments.

TCP » 52.85.142.216:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.216:80

Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.85.142.216:80

Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.85.142.182:80

UCBrowser.exe (by UCWeb)

TCP » 52.85.142.56:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.42:80

TCP » 52.85.142.125:443

browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.85.142.56:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.56:80

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.85.142.182:443

whatsapptime.exe

TCP » 52.85.142.182:80

Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.85.142.216:443

browser.exe (Browser)

TCP » 52.85.142.226:443

clearscreenplayer.exe (ClearScreen Player)

TCP » 52.85.142.113:80

Trezaa.Service.exe (Trezaa.Service by Microsoft)

TCP » 52.85.142.125:443

Allmyapps.exe (Allmyapps Desktop by Allmyapps)

TCP » 52.85.142.125:443

clearscreenplayerbrowser.exe

TCP » 52.85.142.216:443

online-guardian-v2.0.9.exe

TCP » 52.85.142.216:443

TCP » 52.85.142.216:443

online-guardian-v2.0.9.exe

TCP » 52.85.142.24:443

Latest 20 of 37 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.