styleapplicationzillion.com

Whois Privacy Protection Service, Inc.  (Proxy Registrant)

Domain Information

The domain styleapplicationzillion.com is registered by proxy through NAME.COM, INC. and was originally registered in February of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Remove Malware from styleapplicationzillion.com - Powered by Reason Core Security
Registrar:
NAME.COM, INC.

Server location:
Virginia, United States (US)

Create date:
Tuesday, February 25, 2014

Expires date:
Thursday, February 25, 2016

Updated date:
Friday, November 28, 2014

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

AVG
Generic, Adware Generic5, Adware Generic5.AZJX, Adware Generic5.BJIZ, Adware Generic_r.RI, Adware Generic5.BIKK, Adware Generic_r.VD
81.40%

Reason Heuristics
Adware.WebPick.Installer.U, Adware.WebPick.Installer.n, Adware.WebPick.Installer.?, PUP.AlexeyKurilenko.?, Adware.WebPick.Installer.J, PUP.StanislavKabin.BB, PUP.OlehAleksyuk.L, Adware.WebPick.Installer.Q, PUP.AlexeyKurilenko.i, PUP.AlexeyKurilenko.e, PUP.OlehAleksyuk.G, Threat.Win.Reputation.IMP, Adware.AdInjector.Installer, Adware.WebPick.Installer (M)
79.07%

NANO AntiVirus
Riskware.Win32.InfoLeak.cvgqot, Riskware.Win32.Downware.cvftvo, Riskware.Win32.MultiPlug.ddsvpv, Riskware.Win32.MultiPlug.dcbojo
79.07%

Avira AntiVirus
Adware/InstallRex.ode.17, TR/AntiFW.b.47, TR/AntiFW.b.106, TR/Kazy.324119.50, Adware/MultiPlug.aob, TR/Kazy.324119.51, Adware/MultiPlug.bfp
79.07%

avast!
Win32:InstalleRex-BO [PUP], Win32:InstalleRex-BI [PUP], Win32:InstalleRex-CD [PUP], Win32:InstalleRex-CK [PUP], Win32:InstalleRex-CM [PUP], Win32:MultiPlug-DI [PUP], Win32:MultiPlug-JU [PUP]
76.74%

McAfee
PUP-FHQ!C337F507E467, PUP-FMK, Trojan.Artemis!BB57FC5359EE, Trojan.Artemis!B23C4B5F9240, PUP-FJC, MultiPlug, CryptMplug
72.09%

Comodo Security
Application.Win32.InstalleRex.KG, Application.Win32.GreenApp.RR, Application.Win32.Multiplug.GETF, Application.Win32.MultiPlug.YX
72.09%

Kaspersky
Trojan.Win32.AntiFW, not-a-virus:AdWare.Win32.MultiPlug, not-a-virus:HEUR:WebToolbar.Win32.Cossder, HEUR:Trojan.Win32.Generic
69.77%

Malwarebytes
PUP.Optional.ItsMyApp, PUP.Optional.Installrex, PUP.Optional.InstalleRex, PUP.Optional.DownloaderSS, PUP.Optional.InstallCore
67.44%

Vba32 AntiVirus
Downware.TSU, AdWare.MultiPlug, Downware.MultiPlug.gen, SScope.Adware.MultiPlug, AdWare.Agent
67.44%

Dr.Web
Trojan.WebPick.2452, Trojan.WebPick.29, Trojan.WebPick.2759, Threat.Undefined, Trojan.Crossrider.28215, Trojan.WebPick.2818, Trojan.Crossrider.36840, Trojan.DownLoader11.42123
60.47%

IKARUS anti.virus
PUA.InstallBundler, PUP.InstallRex, PUA.InstallRex, AdWare.SaveNet, AdWare.AdPlugin, not-a-virus:AdWare.MultiPlug, Win32.SuspectCrc
60.47%

ESET NOD32
Win32/InstalleRex.M potentially unwanted application, Win32/InstalleRex.Q potentially unwanted application, Win32/AdWare.MultiPlug.AP application, Win32/AdWare.MultiPlug.BS application
58.14%

Kingsoft AntiVirus
Win32.Troj.AntiFW.b.(kcloud), Win32.Troj.MultiPlug.bw.(kcloud), Win32.Troj.Generic.a.(kcloud), Win32.Troj.MultiPlug.jr.(kcloud)
58.14%

G Data
Win32.Application.InstalleRex, Trojan.Generic.11211895, Application.Generic.661994, Win32.Application.Installerex, Win32.Adware.Multiplug
58.14%

The domain styleapplicationzillion.com has been seen to resolve to the following 16 IP addresses.

ec2-52-26-71-172.us-west-2.compute.amazonaws.com
August 12, 2015

ec2-52-27-166-51.us-west-2.compute.amazonaws.com
August 12, 2015

ec2-52-27-146-26.us-west-2.compute.amazonaws.com
August 12, 2015

ec2-54-69-104-255.us-west-2.compute.amazonaws.com
June 19, 2015

ec2-54-68-145-207.us-west-2.compute.amazonaws.com
December 26, 2014

ec2-54-148-67-213.us-west-2.compute.amazonaws.com
November 29, 2014

ec2-54-68-171-13.us-west-2.compute.amazonaws.com
November 29, 2014

ec2-54-68-142-187.us-west-2.compute.amazonaws.com
September 10, 2014

ec2-54-68-85-18.us-west-2.compute.amazonaws.com
September 10, 2014

ec2-54-167-174-238.compute-1.amazonaws.com
September 3, 2014

ec2-54-91-118-83.compute-1.amazonaws.com
September 2, 2014

ec2-54-213-175-182.us-west-2.compute.amazonaws.com
August 26, 2014

ec2-54-191-186-103.us-west-2.compute.amazonaws.com
August 1, 2014

ec2-54-187-76-32.us-west-2.compute.amazonaws.com
June 13, 2014

ec2-54-186-255-26.us-west-2.compute.amazonaws.com
April 14, 2014

ec2-54-201-215-30.us-west-2.compute.amazonaws.com
March 19, 2014

File downloads found at URLs served by styleapplicationzillion.com.

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

27 / 68    (PUP)

15 / 68    (PUP)

17 / 68    (PUP)

29 / 68    (Adware)

 
Latest 30 of 82 download URLs

The following 4 files have been seen to comunicate with styleapplicationzillion.com in live environments.

URL:
http://styleapplicationzillion.com/

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
ngx_openresty (PHP/5.4.37)

Remove Malware from styleapplicationzillion.com - Powered by Reason Core Security