www.agentofex.com

WHOISGUARD, INC. (Proxy Registrant)

Domain Information

The domain www.agentofex.com is registered by proxy through ENOM, INC. and was originally registered in December 2013. This domain is currently known to host various forms of malware. Its hosting servers are located in Phoenix, Arizona, United States, on the CloudFlare, Inc. network. The domain uses the CloudFlare CDN, a distributed domain name server service that uses a number of reverse proxy IP addresses (see below).

Registrar:
ENOM, INC.

Server location:
Arizona, United States (US)

Create date:
Friday, December 27, 2013

Expires date:
Sunday, December 27, 2015

Updated date:
Wednesday, April 1, 2015

ASN:
AS13335 CLOUDFLARENET - CloudFlare, Inc.,US

Root domain:

Scanner detections:
Malware distribution (100% detected)

| Scan engine | Details | Detections |
|---|---|---|
| MicroWorld eScan | Trojan.GenericKD.1492435, Gen:Variant.Zusy.77106 | 100.00% |
| Quick Heal | TrojanDropper.Bepush.B.cw3, TrojanDropper.Bepush.r3 | 100.00% |
| McAfee | Generic.rx, Artemis!7B6EE6D31023 | 100.00% |
| Malwarebytes | Trojan.Downloader.MSIL, Trojan.Agent.MSIL | 100.00% |
| Zillya! Antivirus | Trojan.Blocker.Win32.13348, Trojan.Blocker.Win32.27133 | 100.00% |
| K7 AntiVirus | Riskware, Trojan | 100.00% |
| Arcabit | Trojan.Generic.D16C5D3, Trojan.Zusy.D12D32 | 100.00% |
| Agnitum Outpost | Trojan.Blocker, Trojan.Bepush | 100.00% |
| ESET NOD32 | MSIL/Bepush, MSIL/Bepush (variant) | 100.00% |
| Trend Micro House Call | TROJ_SPNR.35BH14 | 100.00% |
| avast! | Win32:Ransom-ARZ [Trj], Win32:Agent-ASJZ [Trj] | 100.00% |
| Kaspersky | Trojan-Ransom.Win32.Blocker, HEUR:Trojan.Win32.Generic | 100.00% |
| Bitdefender | Trojan.GenericKD.1492435, Gen:Variant.Zusy.77106 | 100.00% |
| NANO AntiVirus | Trojan.Win32.Blocker.dtplmx, Trojan.Win32.Blocker.ctpstx | 100.00% |
| ViRobot | Trojan.Win32.A.Blocker.123904.Q[h], Trojan.Win32.S.Agent.196096.BA[h] | 100.00% |

The domain www.agentofex.com has been seen to resolve to the following 4 IP addresses.

June 25, 2016

June 25, 2016

December 26, 2015

December 26, 2015

File downloads found at URLs served by www.agentofex.com.

32 / 68 (PUP)
http://www.agentofex.com/dl.php (FlashGuncelle.exe)

36 / 68 (Malware)
http://www.agentofex.com/dl.php (FLVGuncelle.exe)

URL:
http://www.agentofex.com/

Google Analytics:
UA-35908464

Title:
“Açılış Sayfanız” (Turkish: “Your Start Page”)

Description:
“En sık ziyaret ettiğiniz web sayfalarının tümü birarada.” (Turkish: “All of the web pages you visit most often, in one place.”)

SSL certificate subject:
CN=sni45370.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
cloudflare-nginx (PHP/5.5.30)