ressource.illyx.com

Domains By Proxy, LLC (Proxy Registrant)

Domain Information

The domain ressource.illyx.com is registered by proxy through GODADDY.COM, LLC and was originally registered in October of 2011. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Montreal, Quebec, Canada, on the OVH Hosting, Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
Quebec, Canada (CA)

Create date:
Tuesday, October 11, 2011

Expires date:
Tuesday, October 11, 2016

Updated date:
Monday, January 11, 2016

ASN:
AS16276 OVH OVH SAS,FR

Root domain:

Scanner detections:
Detections (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Kreapixel.J, PUP.Kreapixel.M, PUP.Kreapixel.K, PUP.Installer.Kreapixel.F, Adware.Installer.Kreapixel.F, PUP.Kreapixel.G, PUP.Kreapixel.Installer (M)
89.80%

Sophos
Kreapixel, Mal/Generic-S, Generic PUA II
81.63%

Jiangmin
Trojan/Reconyc.as, WebToolbar.Toolbar.f
69.39%

Trend Micro House Call
TROJ_GEN.F47V1214, TROJ_GEN.F47V1113, TROJ_GEN.F47V0115, TROJ_GEN.F47V0130, TROJ_GEN.F47V0124, TROJ_GEN.F47V0126, TROJ_GEN.F47V0201, TROJ_GEN.F47V0208, TROJ_GEN.F47V0202, TROJ_GEN.F47V0131, TROJ_GEN.F47V0913, TROJ_GEN.F47V0924, Suspicious_GEN.F47V0616
67.35%

G Data
Win32.Application.KreaPixWebplayer, Trojan.Generic.11293076, Trojan.Generic.11243508, Application.Generic.628761, Trojan.GenericKD.1731408
63.27%

McAfee
Artemis!32897A7F3ACD, Artemis!1A38FE8C60EE, Artemis!7685E0C1B942, Artemis!69083E45FCA5, Artemis!C4097FF392E5, Artemis!D5D07548DA25, Artemis!54F2B31B9E83, Artemis!1A001C0A48CB, Artemis!41E6C9E9BE0E, Artemis!10C9005F4C99, Artemis!8FA4653CCE00, Artemis!91D9D3E93B0A, Artemis!1CC8DACBEC50, Artemis!CBEA0AC993E9
57.14%

McAfee Web Gateway
Artemis!32897A7F3ACD, Artemis!1A38FE8C60EE, Artemis!7685E0C1B942, Artemis!69083E45FCA5, Artemis!C4097FF392E5, Artemis!D5D07548DA25
57.14%

ESET NOD32
Win32/AdWare.Illyx, Win32/Krepixel, Win32/Krepixel (variant), Win32/Packed.Autoit
55.10%

Dr.Web
Trojan.Crossrider.9, Trojan.DownLoader9.20992, Trojan.DownLoader9.19590, Trojan.DownLoader9.22298, Trojan.DownLoader9.21656
48.98%

Antiy Labs AVL
Trojan/Win32.Inject, Worm[IM]/Win32.Sohanad
46.94%

Comodo Security
ApplicUnwnt, ApplicUnwnt.Win32.AdWare.Krepixel.~A, UnclassifiedMalware
28.57%

Fortinet FortiGate
Riskware/Illyx, Riskware/Krepixel, W32/Genome.A!tr.dldr, W32/Krepixel.A, W32/Genome.HRSI!tr.dldr, W32/Genome.HRST!tr.dldr
28.57%

K7 AntiVirus
Unwanted-Program, Trojan, Trojan, Adware
26.53%

Kingsoft AntiVirus
Win32.Troj.Undef.(kcloud), Win32.Troj.Generic.a.(kcloud), Win32.TrojDownloader.Genome.gc.(kcloud), Win32.TrojDownloader.Genome.hr.(kcloud)
24.49%

CMC Antivirus
Trojan.Win32.Generic!O
22.45%

The domain ressource.illyx.com has been seen to resolve to the following 3 IP addresses.

ns517839.ip-192-99-47.net
February 27, 2016

December 28, 2013

December 28, 2013

File downloads found at URLs served by ressource.illyx.com.

5 / 68      (PUP)

URL:
http://ressource.illyx.com/

Web server:
Apache/2.4.10 (Debian)