home

vowarmmnwkllje.adddveer.com

Domain Information

Server location:
Texas, United States (US)

ASN:
AS40034 CONFLUENCE-NETWORK-INC - Confluence Networks Inc,VG

Root domain:
adddveer.com

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

McAfee
Artemis!1187ABC5AFC0
100.00%

Trend Micro House Call
Suspicious_GEN.F47V1214
100.00%

Kaspersky
not-a-virus:HEUR:AdWare.Script.Generic
100.00%

VIPRE Antivirus
Trojan.Win32.Generic
100.00%

Qihoo 360 Security
Win32/Trojan.2ff
100.00%

The domain vowarmmnwkllje.adddveer.com has been seen to resolve to the following IP address.

209.99.40.222
209-99-40-222.fwd.datafoundry.com
May 20, 2016

File downloads found at URLs served by vowarmmnwkllje.adddveer.com.

5 / 68      (PUP)
http://vowarmmnwkllje.adddveer.com/.../xz.php?ii=YjMzNVI3NHE1NzNJNjMzVDQ1NEo4NA==&id=22&a=41213&l=xh  (flash.exe)

The following 47 files have been seen to comunicate with vowarmmnwkllje.adddveer.com in live environments.

TCP » 209.99.40.222:80
UCBrowser.exe (by UCWeb)

TCP » 209.99.40.222:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 209.99.40.222:80
ContentFinder.exe (ContentFinder by ContentFinder Software)

TCP » 209.99.40.222:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 209.99.40.222:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 209.99.40.222:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 209.99.40.222:80
hkcmd.exe (Intel Common User Interface by Intel)

TCP » 209.99.40.222:80
ContentFinder.exe (ContentFinder by DigitalSoftware Group)

TCP » 209.99.40.222:80
jingling.exe

TCP » 209.99.40.222:80
online-guardian-v2.0.9.exe

TCP » 209.99.40.222:80
msn.exe

TCP » 209.99.40.222:80
apptrailers.exe

TCP » 209.99.40.222:80
y03fd24.tmp

TCP » 209.99.40.222:80
lliseconc8.exe

TCP » 209.99.40.222:80
megacubo.exe (Megacubo by www.megacubo.net)

TCP » 209.99.40.222:80
messengertime.exe

TCP » 209.99.40.222:80
ContentSinder.exe (ContentSinder by ContentSinder Company)

TCP » 209.99.40.222:80
jingling.exe

TCP » 209.99.40.222:80
jingling.exe

TCP » 209.99.40.222:80
browser.exe (speed browser by Smart Applications)

 
Latest 20 of 53 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.