home

teamspeak.soft32.fr

Ano Nymous

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dulles, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Cloudfront CDN service which utilizes a number of proxy IP Addresses (see below).
Registrar:
EURODNS S.A.

Server location:
Virginia, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
soft32.fr

Whois:
1 soft32.fr record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.ZuluSoftSRL.P, PUP.Downloader.Bundler.Soft32.Installer (M)
100.00%

Malwarebytes
PUP.Optional.Soft32.A
50.00%

NANO AntiVirus
Riskware.Nsis.Downloader.cvxhzw
50.00%

Dr.Web
Adware.Downware.2152
50.00%

VIPRE Antivirus
Soft32Downloader
50.00%

ESET NOD32
MSIL/Soft32Downloader (variant)
50.00%

The domain teamspeak.soft32.fr has been seen to resolve to the following 10 IP addresses.

52.84.127.241
server-52-84-127-241.iad16.r.cloudfront.net
August 2, 2016

52.84.127.215
server-52-84-127-215.iad16.r.cloudfront.net
August 2, 2016

52.84.127.206
server-52-84-127-206.iad16.r.cloudfront.net
August 2, 2016

52.84.127.177
server-52-84-127-177.iad16.r.cloudfront.net
August 2, 2016

52.84.127.163
server-52-84-127-163.iad16.r.cloudfront.net
August 2, 2016

52.84.127.110
server-52-84-127-110.iad16.r.cloudfront.net
August 2, 2016

52.84.127.63
server-52-84-127-63.iad16.r.cloudfront.net
August 2, 2016

52.84.127.55
server-52-84-127-55.iad16.r.cloudfront.net
August 2, 2016

23.67.242.43
a23-67-242-43.deploy.static.akamaitechnologies.com
April 14, 2014

23.67.242.57
a23-67-242-57.deploy.static.akamaitechnologies.com
April 14, 2014

File downloads found at URLs served by teamspeak.soft32.fr.

1 / 68      (Adware)
http://teamspeak.soft32.fr/get/file/id/.../?lp=dsa&tg=fr&kw=_cat:soft32.fr&mt=b&ad=34523619122&pl=&ds=s&gclid=CIahj--zs7wCFSoEwwodPRsA0w  (teamspeak setup.exe)

6 / 68      (Adware)
http://teamspeak.soft32.fr/get/file/id/.../?lp=dsa&tg=fr&kw=_cat:soft32.fr&mt=b&ad=34523619122&pl=&ds=s&gclid=CKyrqc2SrrwCFSYTwwod7CYANA  (teamspeak setup.exe)

The following 62 files have been seen to comunicate with teamspeak.soft32.fr in live environments.

TCP » 23.67.242.43:80
nghakcphkjghdodhhjgpnnlhejchcbnm.crx

TCP » 23.67.242.43:80
aifdgljlemodageeoallebffdalbkdcg.crx

TCP » 23.67.242.43:80
almenbocikgmpakgajpcgmkdibnlgjdf.crx

TCP » 23.67.242.43:80
kafkdchcfcgmhbclmadkaogljgbohpmc.crx

TCP » 23.67.242.43:80
jmgljjjdcnkojjjanclhnnibggbnglhm.crx

TCP » 23.67.242.43:80
drop_to_s.crx

TCP » 23.67.242.57:80
songza.crx

TCP » 23.67.242.57:80
sidebar.crx

TCP » 23.67.242.57:80
socialframework.crx

TCP » 23.67.242.57:80
facebook.crx

TCP » 23.67.242.57:80
365scores.crx

TCP » 23.67.242.57:80
accuweather.crx

TCP » 23.67.242.57:80
feedly.crx

TCP » 23.67.242.57:80
instagram.crx

TCP » 23.67.242.57:80
youtube.crx

TCP » 23.67.242.57:80
feedly.crx

TCP » 23.67.242.57:80
tunein.crx

TCP » 23.67.242.57:80
songza.crx

TCP » 23.67.242.57:80
ondemandapp.crx

TCP » 23.67.242.57:80
rdio.crx

 
Latest 20 of 62 files

URL:
http://teamspeak.soft32.fr/

Google Analytics:
UA-110868

Title:
“Télécharger TeamSpeak 3.0.13.1”

Description:
“TeamSpeak - Télécharger Gratuit. TeamSpeak est un logiciel pour une communication vocale de qualité via l'Internet. - Téléchargement gratuitement.”

Network:
Amazon Cloudfront

Web server:
nginx

soft32.com

soft32.com.br

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.