home

www.applicationcitybinaries.com

Domain Information

Server location:
Washington, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:
applicationcitybinaries.com

Scanner detections:
Malware distribution  (79% detected)

Scan engine
Details
Detections

Microsoft Security Essentials
Worm:Win32/NeksMiner.A, Threat.Undefined
83.33%

avast!
Win32:SaliCode, Win32:Oncer, Win32:Sality, Win32:Kukacka, Win32:Parite
75.00%

F-Prot
W32/Sality.gen2, W32/Thecid.B@mm, W32/Parite.B, W32/Sality.E.gen
75.00%

Dr.Web
Win32.Sector.30, Win32.Runonce.6652, Win32.Parite.2, Win32.Sector.21
66.67%

Kaspersky
Virus.Win32.Sality, Email-Worm.Win32.Runouce, Virus.Win32.Parite
66.67%

ESET NOD32
Win32/Sality.NBA virus, Win32/Chir.B virus, Win32/Parite.B virus
66.67%

McAfee
Virus.W32/Sality.gen.z, Virus.W32/Chir.b@MM, Virus.W32/Pate.b
66.67%

Norman
Win32.Sality.3, Win32.Parite.B
58.33%

Emsisoft Anti-Malware
Win32.Runouce.B@mm, Win32.Sality, Win32.Parite
58.33%

F-Secure
Application:W32/Generic.70053c248f!Online, Win32.Runouce.B@mm, Win32.Sality.3, Win32.Parite.B
50.00%

AVG
Win32/Sality, Win32/Chir.B@mm
41.67%

Reason Heuristics
nbsp;
16.67%

Sophos
Virus 'Mal/Sality-D', Virus 'W32/Parite-B'
16.67%

VIPRE Antivirus
Threat.46249
16.67%

Rising Antivirus
PE:Malware.Generic(Thunder)!1.A1C4 [F]
8.33%

The domain www.applicationcitybinaries.com has been seen to resolve to the following 59 IP addresses.

52.84.125.46
server-52-84-125-46.iad16.r.cloudfront.net
July 31, 2016

52.84.125.25
server-52-84-125-25.iad16.r.cloudfront.net
July 31, 2016

52.84.125.195
server-52-84-125-195.iad16.r.cloudfront.net
July 31, 2016

52.84.125.193
server-52-84-125-193.iad16.r.cloudfront.net
July 31, 2016

52.84.125.191
server-52-84-125-191.iad16.r.cloudfront.net
July 31, 2016

52.84.125.186
server-52-84-125-186.iad16.r.cloudfront.net
July 31, 2016

52.84.125.161
server-52-84-125-161.iad16.r.cloudfront.net
July 31, 2016

52.84.125.112
server-52-84-125-112.iad16.r.cloudfront.net
July 31, 2016

52.84.125.44
server-52-84-125-44.iad16.r.cloudfront.net
July 6, 2016

52.84.125.215
server-52-84-125-215.iad16.r.cloudfront.net
July 6, 2016

52.84.125.196
server-52-84-125-196.iad16.r.cloudfront.net
July 6, 2016

52.84.125.126
server-52-84-125-126.iad16.r.cloudfront.net
July 6, 2016

52.84.125.107
server-52-84-125-107.iad16.r.cloudfront.net
July 6, 2016

52.84.125.103
server-52-84-125-103.iad16.r.cloudfront.net
July 6, 2016

52.84.125.47
server-52-84-125-47.iad16.r.cloudfront.net
July 6, 2016

52.84.125.136
server-52-84-125-136.iad16.r.cloudfront.net
July 1, 2016

52.84.125.101
server-52-84-125-101.iad16.r.cloudfront.net
July 1, 2016

52.84.125.251
server-52-84-125-251.iad16.r.cloudfront.net
July 1, 2016

52.84.125.242
server-52-84-125-242.iad16.r.cloudfront.net
July 1, 2016

52.84.125.210
server-52-84-125-210.iad16.r.cloudfront.net
July 1, 2016

52.84.125.177
server-52-84-125-177.iad16.r.cloudfront.net
July 1, 2016

52.84.125.168
server-52-84-125-168.iad16.r.cloudfront.net
July 1, 2016

52.84.125.142
server-52-84-125-142.iad16.r.cloudfront.net
July 1, 2016

52.85.131.95
server-52-85-131-95.iad53.r.cloudfront.net
May 23, 2016

52.85.131.82
server-52-85-131-82.iad53.r.cloudfront.net
May 23, 2016

52.85.131.37
server-52-85-131-37.iad53.r.cloudfront.net
May 23, 2016

52.85.131.18
server-52-85-131-18.iad53.r.cloudfront.net
May 23, 2016

52.85.131.207
server-52-85-131-207.iad53.r.cloudfront.net
May 23, 2016

52.85.131.185
server-52-85-131-185.iad53.r.cloudfront.net
May 23, 2016

52.85.131.132
server-52-85-131-132.iad53.r.cloudfront.net
May 23, 2016

 
Showing 30 of 59 IP Addresses

File downloads found at URLs served by www.applicationcitybinaries.com.

6 / 68      (Malware)
http://www.applicationcitybinaries.com/johnkarynjones/.../installer.exe  (adc27609474e3aef3bd63f7f6f4104a3)

11 / 68    (Infected)
http://www.applicationcitybinaries.com/johnkarynjones/.../installer.exe  (5e6fc3b506dba13d1f64ecbde075d011)

0 / 68
http://www.applicationcitybinaries.com/johnkarynjones/.../installer.exe  (279faebf1bf2a79cce54deecf3bd24c4)

0 / 68
http://www.applicationcitybinaries.com/johnkarynjones/.../installer.exe  (4c1b25e0ad1c3738bf54ef68f40c3d52)

13 / 68    (Infected)
http://www.applicationcitybinaries.com/johnkarynjones/.../installer.exe  (4a259ffd144aabcc8fa06d322d9050d0)

11 / 68    (Infected)
http://www.applicationcitybinaries.com/johnkarynjones/.../installer.exe  (be940b35064c64770ae606e544416ded)

1 / 68      (Malware)
http://www.applicationcitybinaries.com/johnkarynjones/.../installer.exe  (fbd92a08b7ee9b292b0e17134cb4377e)

10 / 68    (Malware)
http://www.applicationcitybinaries.com/johnkarynjones/.../installer.exe  (456298a3229066f81f0b8d3ff0a6cbe6)

2 / 68      (false positives)
http://www.applicationcitybinaries.com/johnkarynjones/.../installer.exe  (wrar420.exe)

3 / 68      (PUP)
http://www.applicationcitybinaries.com/johnkarynjones/.../installer.exe  (98c517d9c2b537466dfd6045ace31681)

10 / 68    (Infected)
http://www.applicationcitybinaries.com/johnkarynjones/.../installer.exe  (5286e1ab4e8b9551521b566a8ecb71ff)

8 / 68      (Infected)
http://www.applicationcitybinaries.com/johnkarynjones/.../installer.exe  (fb5c6592a6d002a8579ec87f80b26542)

9 / 68      (Infected)
http://www.applicationcitybinaries.com/johnkarynjones/.../installer.exe  (6dd1be2004d700b0e4ca7782a4ff5cd2)

9 / 68      (Infected)
http://www.applicationcitybinaries.com/johnkarynjones/.../installer.exe  (262c5b47e5cc850447f71d7d3daa3e8a)

The following 50 files have been seen to comunicate with www.applicationcitybinaries.com in live environments.

TCP » 52.85.142.51:443
UCBrowser.exe (by UCWeb)

TCP » 52.84.125.186:80
se.exe

TCP » 52.85.142.216:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.47:443
apptrailers.exe

TCP » 52.84.125.126:80
crossbrowse.exe (Crossbrowse)

TCP » 52.85.142.216:80
Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.85.131.30:443
browser.exe (Browser)

TCP » 52.84.125.25:80
crossbrowse.exe (Crossbrowse)

TCP » 52.84.125.126:80
se.exe

TCP » 52.85.142.216:80
Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.84.125.112:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.188:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.126:80
browser.exe (Browser)

TCP » 52.84.125.186:443
browser.exe (Speed Browser by Smart Applications)

TCP » 52.85.142.188:443
cpx.exe (Google Embedded Application)

TCP » 52.84.125.242:443
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.85.142.221:80
browser.exe (Browser)

TCP » 52.85.142.188:443
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 52.84.125.101:80
Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.84.125.210:443
browser.exe (Browser)

 
Latest 20 of 161 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.