home

www.appfusu.com

c/o whoisproxy.com Ltd.

Domain Information

The domain www.appfusu.com registered by c/o whoisproxy.com Ltd. was initially registered in April of 2015 through Moniker Online Services. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dallas, Texas within the United States which resides on the SoftLayer Technologies Inc. network.
Registrar:
KEY-SYSTEMS GMBH

Server location:
Texas, United States (US)

Create date:
Sunday, April 5, 2015

Expires date:
Tuesday, April 5, 2016

Updated date:
Sunday, April 5, 2015

ASN:
AS36351 SOFTLAYER - SoftLayer Technologies Inc.

Root domain:
appfusu.com

Whois:
3 appfusu.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Performersoft.GreenTec.Bundler (M), PUP.Performersoft (M), Threat.Win.Reputation.IMP
100.00%

The domain www.appfusu.com has been seen to resolve to the following 12 IP addresses.

208.73.210.214
May 4, 2015

208.73.210.200
May 4, 2015

208.73.211.178
May 4, 2015

208.73.210.217
May 4, 2015

174.37.181.30
174.37.181.30-static.reverse.softlayer.com
March 27, 2014

50.97.44.130
50.97.44.130-static.reverse.softlayer.com
March 27, 2014

50.97.49.242
50.97.49.242-static.reverse.softlayer.com
March 27, 2014

173.192.190.226
173.192.190.226-static.reverse.softlayer.com
March 27, 2014

50.97.44.131
50.97.44.131-static.reverse.softlayer.com
March 20, 2014

173.192.190.227
173.192.190.227-static.reverse.softlayer.com
March 20, 2014

50.97.49.243
50.97.49.243-static.reverse.softlayer.com
March 20, 2014

174.37.181.31
174.37.181.31-static.reverse.softlayer.com
March 20, 2014

File downloads found at URLs served by www.appfusu.com.

1 / 68      (Adware)
http://www.appfusu.com/.../$rucYZpA3ZQVkkjcf?lang=en&cid=4143&cert=pts  (UPDFSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$vfstbJA3IkUiogog?v=7&cid=4040&clickid=00008308p9390210145&cert=grts  (VideoPerformerSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$luAnYJA3I0UlmhAR?v=17&cid=4225&clickid=00003199p9390592222&cert=grts  (CodecPerformerSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$hv8heplsIQYpujUu?v=7&cid=3975&clickid=0067957118635065820&a=9&cert=grts  (CodecPerformerSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$tscmX5A3ZV40gzQN?v=19&cid=4197&tid=NY2uOX2EqrI2iZOAPlaQ0JbFjjCqcd7R8iFbrbhUK3RqOuzpzWKGgzhbLLk4wsgXXKK2mdW1JjtplfSlAJUBlaqXAXm9fCk7RCPNL76bv9Z0he3PYHgoT9irRQs5EuoOVVxfHkF3NyTRowIuvWStgqRQtWJfUlg5mGFDxhHw7rEbvBE-VOGKTfPYPScvv-EVBR9TkzsDGoTZ31tmwmf50C10jp59CSATAv1nH0XRRICOD4idaIwB2eaZitJdNA2PqNzDykug2aELeaBbEKy3xPKTWFEhofLTtwldTX63_eM14IouKfWWieruWWmzy06LPY2xbvlTli8rlBa-QiwLKBTUV0O7wYH8AO3vlj5JX3M4W5RqGd_NjLOAJuJGNg&cert=grts  (VideoPerformerSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$mvQIdZlscEA1kxAq?v=7&cid=3872&tid=nym1CMKi8depr_ChSxACGOTBm97XrZCWCiINOTguMTcwLjIyNC4zNCgBMIaF1JkF&cert=grts  (VideoPerformerSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$jsYdT5A3ZV40lBYM?v=19&cid=4197&tid=JLMhh4Sggqb0QGePPN2CoAhPvuQ87zSHtwn0Kvo5McOCDFMQPvzVee1lOvqoEYBkRF5KdBjZ0otPw3tUIe7GyKSxgTZyY0Z6gzX6fK_0PiGH21Q-Rpu1_f7aAb5RWFRACa3UCdcO7OL2HZWGnSRmzEwxvL9VLPzMlTKhJuanSeg_kBADhxM5uIVom4qpOf7ce_uzyfIkUx8XL56ZYp6q2v4lFfPJnS-YIQGY2S1Jx2Cp5CRNz5hy5Pc44sfh0wqMbYHeCad6E9MqJDChqZvb1DyVZQGhHQ_iJGUtE20foQgKd15w0Vq0v75jZF8sgZ1nbCQOq0Jcfu8K_hpSQYgI3ITBU8N-8vcp0zfl-u2CJ4BEoxRAQuej6ZgWHt4&cert=grts  (VideoPerformerSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$hPYIb5lsIQYpuB8e?v=18&cid=3975&clickid=0050293058953964636&a=3&cert=grts  (CodecPerformerSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$hdYARJlscAcpqyAs?lang=en&cid=3867&gclid=COz82brYur0CFZDKtAodwD0ATg&cert=pts  (77ZipSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$mN0lRJA3I0UloggA?v=28&cid=4225&clickid=00002556p9392799059&cert=grts  (CodecPerformerSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$hek6dZA3ZUMptwAu?v=7&cid=4151&clickid=0073705539220301673&a=1&cert=grts  (VideoPerformerSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$luw5V5A3IkUiih8P?v=7&cid=4040&clickid=00008307p9223140856&a=1&cert=grts  (VideoPerformerSetup.exe)

1 / 68      (Malware)
http://www.appfusu.com/.../$iusNQJA3ZV40tywA?v=19&cid=4197&tid=FfPzpOdaR-sUYIgJLZKvpr3ID8yLbae72SdgIGdUiNuFf71arrT3pogFRboRomDPlckCF9RUdDF6lhIlziPuxKqqLm9m0cCT0vj9NNM73p7B-I1_lswDiAMBOpatN5EvcSnaB-E1NqlAMeo3_9RTrD_G7DjN4MN9jF1j8Oq7R-s8PVV5UPrjsDEERAEEgT6brKtSgbdWqaSvDkQxDQgyGMlbW3CvRzgaI9sW7KZN8gI3GW4JHnNu0NgF4DBBE2mmC5I-mM2DNEm2w6QFOQ3J_MDsuvmYCDM3xMaf8X_hFkk96Uw8t-B5QjqFxt3ODvlu280-LIgYf3GEumbFkHNlsh5PFJ1AGZ642D6TdJ04JptT46OAtWJthxESGN-zbw&cert=grts  (videoperformersetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$is8BZ5lsZAc1jioi?cid=3683&cert=grts  (DownloadManagerSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$hsUnbpA3ZQVkrTQg?lang=en&cid=4143&cert=pts  (UPDFSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/download4/.../sTQL?v=7&cid=4128&clickid=00002706p8945058522&cert=grts  (CodecPerformerSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/download/.../QbYJA3YAA7vQEr?v=18&cid=4499&clickid=00007584p8659312165&cert=grts  (codecperformersetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$lfsFZJA3IAMgtigS?v=18&cid=4534&clickid=00003199p9356419793&cert=grts  (VideoPerformerSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$lskfepA3I0UlrS0o?v=18&cid=4225&clickid=00003199p9257531599&cert=grts  (CodecPerformerSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$r94pe5lsIQYpmh0t?v=18&cid=3975&clickid=0073648029190884819&a=2&cert=grts  (CodecPerformerSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$qfo3TpA3ZV40iAgd?v=19&cid=4197&tid=MFUHurSTFf6vMq2QhijXKv-6A_7HdLPma7_612kg8gizhg1O7kLgZQ-YBqxfeVK6cR2IWb_DHIvq7ZA9tB0EmZLX2lwBpWxE7qzGMAMtXWV3pR8SJBqqyRBkikQ0PSWZZD4Z2QDTLweJhWtvULy9sxmtDJGGwjQpEbAbDowNLWlt6obk6Q8TTiG2QKdbs0iNMzvBr4W_D3l6LH-fuWA8qXBSaEQiJfJ3ms43uGlQXeMw6IKz6Qcc1eAZ9ZLqDD0-k-sQaND1whNJ1iRP3A5A5y2FWF9jMTEF6edzeVzGNGVP6mLNzwriVVhijEiTDu1wgRJ5F1Z5iPvOam8wQscIaYMI_mf8v9YrykH-hanliViedJc&cert=grts  (VideoPerformerSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$tPQ0SJA3IANnlB4I?v=18&cid=4535&clickid=00007584p8640443313&cert=grts  (VideoPerformerSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$j wLXZA3I0UltRIu?v=17&cid=4225&clickid=00003199p9073328896&cert=grts  (CodecPerformerSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$nsIddJA3I0UlnSMb?v=17&cid=4225&clickid=00003199p8893060620&cert=grts  (CodecPerformerSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/download4/.../o8R5A3I0UlgyIp?v=17&cid=4225&clickid=00003199p9267654656&cert=grts  (CodecPerformerSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$it0NZpA3I0Ulszc2?v=17&cid=4225&clickid=00003199p9397456800&cert=grts  (CodecPerformerSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$m9QXYZA3IANnjTcy?v=18&cid=4535&clickid=00007584p9288067965&cert=grts  (VideoPerformerSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$i9YbSplscAcpgQ45?lang=en&cid=3867&gclid=CPPI64C-tr0CFcx9OgodmkYAlQ&cert=pts  (77ZipSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$otgfSJA3d142gRYJ?v=7&cid=4378&tid=00010a56a9ed51eea4d2a9f408037ecb9cd2b&SourceId=773&CreativeId=784488&LineItemId=116158&PublisherId=338&Site_ID=1353645003529687731&cert=grts  (VideoPerformerSetup.exe)

1 / 68      (Adware)
http://www.appfusu.com/.../$q U R5A3ZUMpiS8g?v=18&cid=4151&clickid=0066944398766729861&cert=grts  (VideoPerformerSetup.exe)

 
Latest 30 of 387 download URLs

The following 26 files have been seen to comunicate with www.appfusu.com in live environments.

TCP » 50.97.49.242:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.49.243:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.49.242:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.49.243:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.49.243:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.49.243:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.49.242:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.49.242:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 50.97.49.242:80
UCBrowser.exe (by UCWeb)

TCP » 50.97.49.243:80
jet.exe (Jet by Performersoft)

TCP » 50.97.49.243:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.49.242:80
browser.exe (Browser)

TCP » 50.97.49.242:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 50.97.49.243:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.49.243:80
browser.exe (Browser)

TCP » 50.97.49.243:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.49.242:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.49.242:80
UCBrowser.exe (by UCWeb)

TCP » 50.97.49.243:80
UCBrowser.exe (by UCWeb)

TCP » 50.97.49.242:80
UCBrowser.exe (UC Browser by UCWeb)

 
Latest 20 of 47 files

URL:
http://www.appfusu.com/

Title:
“appfusu.com”

Web server:
Apache

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.