home

surgeon-simulator-2013.softonic.de

Domain Information

Server location:
Catalonia, Spain (ES)

ASN:
AS51773 SOFTONIC-AS SOFTONIC INTERNATIONAL S.L.

Root domain:
softonic.de

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Bundler.PPI.Softonic.o, PUP.Softonic (M)
100.00%

McAfee
Artemis!C2EB4CA4CD59, Artemis!0FC0982E2C91
66.67%

Malwarebytes
PUP.Optional.Softonic, PUP.Optional.Softonic.A
66.67%

Trend Micro House Call
TROJ_GEN.R0C1H0AHL13, TROJ_GEN.F47V1108
66.67%

Dr.Web
Adware.Downware.1328, Adware.Downware.1515
66.67%

VIPRE Antivirus
Softonic Downloader
66.67%

ESET NOD32
Win32/SoftonicDownloader, Win32/SoftonicDownloader (variant)
66.67%

herdProtect (fuzzy)
a variant of e19170699219cbdafda7e72d51e4efc80cbc394d, a variant of a963fb12f54d1dfaace829d0146bb7b0e6b7c3f6
66.67%

Bkav FE
HW32.CDB
33.33%

Agnitum Outpost
PUA.Softonic
33.33%

Comodo Security
Application.Win32.Agent.SOFE
33.33%

Rising Antivirus
PE:Malware.Obscure/Heur!1.9E03
33.33%

The domain surgeon-simulator-2013.softonic.de has been seen to resolve to the following 2 IP addresses.

46.28.209.20
commoncobs.softonic.com
September 4, 2016

46.28.209.12
www.softonic.de
January 16, 2014

File downloads found at URLs served by surgeon-simulator-2013.softonic.de.

1 / 68      (PUP)
http://surgeon-simulator-2013.softonic.de/universaldownloader-launch  (softonicdownloader_fuer_surgeon-simulator-2013.exe)

11 / 68    (PUP)
http://surgeon-simulator-2013.softonic.de/universaldownloader-launch  (softonicdownloader_fuer_surgeon-simulator-2013.exe)

9 / 68      (PUP)
http://surgeon-simulator-2013.softonic.de/universaldownloader-launch  (softonicdownloader_fuer_surgeon-simulator-2013.exe)

The following 11 files have been seen to comunicate with surgeon-simulator-2013.softonic.de in live environments.

TCP » 46.28.209.20:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 46.28.209.20:80
APK2Mobile.exe (TODO: <Product name> by TODO: <Company name>)

TCP » 46.28.209.12:80
AVKProxy.exe (G Data Security Software by G Data Software AG)

TCP » 46.28.209.20:80
{blocked}.exe

TCP » 46.28.209.20:80
softonicdownloader_pour_itools-for-windows.exe (Softonic Downloader by Softonic)

TCP » 46.28.209.20:80
softonicdownloader_pour_speedy-video-capture.exe.infected (Softonic Downloader by Softonic)

TCP » 46.28.209.20:80
softonicdownloader_fuer_minecraft-skinedit.exe (Softonic Downloader by Softonic)

TCP » 46.28.209.20:80
softonicdownloader_per_vlc-media-player.exe (Softonic Downloader by Softonic)

TCP » 46.28.209.20:80
softonicdownloader_per_songr.exe (Softonic Downloader by Softonic)

TCP » 46.28.209.20:80
online-guardian-v2.0.9.exe

TCP » 46.28.209.20:80
softonicdownloader_pour_winrar.exe (Application Setup)

softonic.com

softonic.cn

softonic.com.br

softonic.fr

softonic.it

softonic.jp

softonic.nl

softonic.pl

softonicdownloads.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.