home

outlook-express.soft32.fr

Ano Nymous

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dulles, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Cloudfront CDN service which utilizes a number of proxy IP Addresses (see below).
Registrar:
EURODNS S.A.

Server location:
Virginia, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
soft32.fr

Whois:
1 soft32.fr record

Scanner detections:
Detections  (92% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.ZuluSoftSRL.V, PUP.Downloader.Bundler.Soft32.Installer (M), PUP.Downloader.Bundler.Soft32 (M)
100.00%

Malwarebytes
PUP.Optional.Soft32.A
8.33%

NANO AntiVirus
Riskware.Nsis.Downloader.cvxhzw
8.33%

Dr.Web
Adware.Downware.2152
8.33%

VIPRE Antivirus
Soft32Downloader
8.33%

ESET NOD32
MSIL/Soft32Downloader (variant)
8.33%

The domain outlook-express.soft32.fr has been seen to resolve to the following 14 IP addresses.

52.85.147.68
server-52-85-147-68.iad12.r.cloudfront.net
August 20, 2016

52.85.147.49
server-52-85-147-49.iad12.r.cloudfront.net
August 20, 2016

52.85.147.41
server-52-85-147-41.iad12.r.cloudfront.net
August 20, 2016

52.85.147.34
server-52-85-147-34.iad12.r.cloudfront.net
August 20, 2016

52.85.147.17
server-52-85-147-17.iad12.r.cloudfront.net
August 20, 2016

52.85.147.179
server-52-85-147-179.iad12.r.cloudfront.net
August 20, 2016

52.85.147.175
server-52-85-147-175.iad12.r.cloudfront.net
August 20, 2016

52.85.147.96
server-52-85-147-96.iad12.r.cloudfront.net
August 20, 2016

151.101.20.249
July 11, 2016

23.235.46.249
February 21, 2016

23.235.39.249
February 7, 2016

199.27.76.249
February 7, 2016

23.67.242.48
a23-67-242-48.deploy.static.akamaitechnologies.com
April 14, 2014

23.67.242.57
a23-67-242-57.deploy.static.akamaitechnologies.com
April 14, 2014

File downloads found at URLs served by outlook-express.soft32.fr.

1 / 68      (Adware)
http://outlook-express.soft32.fr/get/file/id/.../  (outlook express setup.exe)

1 / 68      (Adware)
http://outlook-express.soft32.fr/get/file/id/.../?lp=dsa&tg=fr&kw=_cat:soft32.fr&mt=b&ad=41007382682&pl=&ds=s&gclid=CKfqzOjxxL8CFVHMtAodkRQAjA&uid=14053438492ab45efced64c95fe82f3af443311d01  (outlook express setup.exe)

1 / 68      (Adware)
http://outlook-express.soft32.fr/get/file/id/.../  (outlook-express.exe)

1 / 68      (Adware)
http://outlook-express.soft32.fr/get/file/id/.../  (outlook express setup.exe)

1 / 68      (Adware)
http://outlook-express.soft32.fr/get/file/id/.../  (outlook express setup.exe)

1 / 68      (Adware)
http://outlook-express.soft32.fr/get/file/id/.../  (outlook express setup.exe)

1 / 68      (Adware)
http://outlook-express.soft32.fr/get/file/id/.../  (outlook express setup.exe)

1 / 68      (Adware)
http://outlook-express.soft32.fr/get/file/id/.../  (outlook express setup.exe)

0 / 68
http://outlook-express.soft32.fr/goto/file/id/.../  (ie6setupoe.exe)

1 / 68      (Adware)
http://outlook-express.soft32.fr/get/file/id/.../  (outlook-express.exe)

1 / 68      (Adware)
http://outlook-express.soft32.fr/get/file/id/.../?lp=adwords&tg=fr&kw=_cat:soft32.fr&mt=b&ad=28377133562&pl=&ds=s&gclid=CM7kh-DWirsCFU_ItAodiUcAnA  (outlook express setup.exe)

1 / 68      (Adware)
http://outlook-express.soft32.fr/get/file/id/.../  (outlook express setup.exe)

0 / 68
http://outlook-express.soft32.fr/get/file/id/.../?no_download_manager=true  (ie6setupoe.exe)

0 / 68
http://outlook-express.soft32.fr/get/file/id/.../?iframe=true&width=420&height=200&javascript=true&no_download_manager=1  (ie6setupoe.exe)

0 / 68
http://outlook-express.soft32.fr/get/file/id/.../  (ie6setupoe.exe)

6 / 68      (Adware)
http://outlook-express.soft32.fr/get/file/id/.../  (outlook express setup.exe)

The following 74 files have been seen to comunicate with outlook-express.soft32.fr in live environments.

TCP » 52.85.147.68:443
online-guardian-v2.0.9.exe

TCP » 52.85.147.68:443
online-guardian-v2.0.9.exe

TCP » 52.85.147.17:443
online-guardian-v2.0.9.exe

TCP » 52.85.147.68:443
apptrailers.exe

TCP » 52.85.147.68:443
onlineguardian-v2.exe

TCP » 52.85.147.68:443
online-guardian-v2.exe

TCP » 52.85.147.68:443
apptrailers.exe

TCP » 52.85.147.17:443
online-guardian-v2.0.9.exe

TCP » 52.85.147.17:80
apptrailers.exe

TCP » 52.85.147.49:443
browser.exe (Browser)

TCP » 52.85.147.49:443
beamrise.exe (Beamrise by The Beamrise Authors)

TCP » 52.85.147.68:443
apptrailers.exe

TCP » 52.85.147.68:443
browser.exe (Browser)

TCP » 52.85.147.68:443
instatime.exe

TCP » 199.27.76.249:443
product support.crx

TCP » 23.235.39.249:443
discountapp_1.0.0.0.crx

TCP » 23.235.39.249:443
savingsplugin_1.0.crx

TCP » 23.235.46.249:443
product support.crx

TCP » 23.235.46.249:443
product support.crx

TCP » 23.235.46.249:443
couponmatcher_1.0.0.0.crx

 
Latest 20 of 80 files

URL:
http://outlook-express.soft32.fr/

Google Analytics:
UA-110868

Title:
“Télécharger Outlook Express 6.0”

Description:
“Outlook Express - Télécharger Gratuit. Outlook Express place le monde de la communication en ligne sur votre bureau. - Téléchargement gratuitement.”

Network:
Amazon Cloudfront

Web server:
nginx

Facebook:
Likes:  7

Statistics are for the previous month.

soft32.com

soft32.com.br

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.