softsuma.com

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain softsuma.com is registered by proxy through ENOM, INC. and was originally registered in January of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in New York City, New York, United States, on the Amazon Technologies Inc. network. The domain uses the Amazon CloudFront CDN service, which uses a number of proxy IP addresses (see below).
Remove Malware from softsuma.com - Powered by Reason Core Security
Registrar: ENOM, INC.
Server location: New York, United States (US)
Create date: Monday, January 21, 2013
Expires date: Saturday, January 21, 2017
Updated date: Tuesday, December 22, 2015

Scanner detections:
Detections  (100% detected)

Scan engine         Details                                                 Detections
Dr.Web              Trojan.Packed.24524                                     100.00%
F-Prot              W32/InstallCore.R.gen                                   100.00%
AVG                 Adware Skodna.Generic_c.ME                              100.00%
ESET NOD32          Win32/InstallCore.CH potentially unwanted application   100.00%
McAfee              Trojan.Artemis!4CC9CD705CB9                             100.00%
VIPRE Antivirus     InstallCore                                             100.00%
Malwarebytes        PUP.Optional.InstallCore.A                              100.00%
SUPERAntiSpyware    PUP.InstallCore/Variant                                 100.00%
Agnitum Outpost     PUA.InstallCore                                         100.00%
Comodo Security     ApplicUnwnt                                             100.00%
McAfee Web Gateway  BehavesLike.Win32.BadFile.jc                            100.00%
Sophos              Install Core                                            100.00%
Avira AntiVirus     ADWARE/InstallCore.Gen7                                 100.00%
Vba32 AntiVirus     Downware.InstallCore                                    100.00%
Rising Antivirus    PE:Malware.XPACK-LNR/Heur!1.5594                        100.00%

The domain softsuma.com has been seen to resolve to the following 32 IP addresses.


File downloads found at URLs served by softsuma.com.

21 / 68    (PUP)
http://softsuma.com/pcsx2/.../PCSX2_Setup.exe  (4cc9cd705cb9d60d11a2a5fa5f1827cb)

The following 18 files have been seen to communicate with softsuma.com in live environments.

December 18, 2013
