lp.vaudix.com

Cyber Soft Group Ltd.

Domain Information

The domain lp.vaudix.com registered by Cyber Soft Group Ltd. was initially registered in May of 2012 through NETEARTH ONE INC. D/B/A NETEARTH. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Beaumaris, Victoria within Australia which resides on the Asia Pacific Network Information Centre network.
Registrar:
NETEARTH ONE INC. D/B/A NETEARTH

Server location:
Victoria, Australia (AU)

Create date:
Friday, May 04, 2012

Expires date:
Wednesday, May 04, 2016

Updated date:
Tuesday, April 22, 2014

ASN:
AS133618 TRELLIAN-AS-AP Trellian Pty. Limited,AU

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Adware.WebPick.Installer (M), Adware.Amonetize.Meta (M), Adware (M), Threat.Win.Reputation.IMP
96.00%

Microsoft Security Essentials
Threat.Undefined
4.00%

avast!
Win32:Agent-AYLT [PUP]
4.00%

F-Secure
Variant.Razy.44563
4.00%

Emsisoft Anti-Malware
Gen:Variant.Razy.44563, Gen:Variant.Adware.Mplug.21
4.00%

Norman
Gen:Variant.Razy.44563
4.00%

ESET NOD32
Win32/Adware.MultiPlug.DZ application
4.00%

Dr.Web
Trojan.Crossrider.36840
4.00%

Kaspersky
not-a-virus:HEUR:AdWare.Win32.MultiPlug
2.00%

The domain lp.vaudix.com has been seen to resolve to the following 16 IP addresses.

lb-182-241.above.com
September 17, 2016

September 15, 2016

July 13, 2016

July 11, 2016

July 10, 2016

May 17, 2016

ec2-52-26-71-172.us-west-2.compute.amazonaws.com
August 11, 2015

ec2-52-27-166-51.us-west-2.compute.amazonaws.com
August 11, 2015

ec2-52-27-146-26.us-west-2.compute.amazonaws.com
August 11, 2015

ec2-54-69-104-255.us-west-2.compute.amazonaws.com
May 6, 2015

September 11, 2014

September 11, 2014

(CloudFlare)
June 21, 2014

(CloudFlare)
June 21, 2014

ec2-54-200-139-91.us-west-2.compute.amazonaws.com
February 17, 2014

ec2-54-200-227-23.us-west-2.compute.amazonaws.com
January 10, 2014

File downloads found at URLs served by lp.vaudix.com.

1 / 68      (Malware)
http://lp.vaudix.com/.../Download.exe  (2d793d8cb541bac46b3f3adc719e7ac7)

1 / 68      (PUP)
http://lp.vaudix.com/.../  (download__15022_i1600876376_il26.exe.rar)

The following 16 files have been seen to comunicate with lp.vaudix.com in live environments.

URL:
http://lp.vaudix.com/

SSL certificate subject:
CN=sni67844.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
ngx_openresty (PHP/5.4.37)

Facebook:
Shares:  1
Comments:  2

Statistics are for the previous month.