home

www.baixegetit.net

REACTIVATION PERIOD

Domain Information

The domain www.baixegetit.net registered by REACTIVATION PERIOD was initially registered in February of 2015 through ENOM, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Wasilla, Alaska within the United States which resides on the Level 3 Communications, Inc. network.
Registrar:
ENOM, INC.

Server location:
Alaska, United States (US)

Create date:
Wednesday, February 4, 2015

Expires date:
Thursday, February 4, 2016

Updated date:
Friday, March 18, 2016

ASN:
AS21740 ENOMAS1 - eNom, Incorporated,US

Root domain:
baixegetit.net

Whois:
3 baixegetit.net records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.BRASFIELD.Installer (M), PUP.STARGLOB.Installer (M), PUP.Gencolab.Installer (M), Adware.Generic.AT (M), PUP.BR Software.GENCOLAB.Installer (M), PUP (M)
70.00%

Dr.Web
Trojan.KillFiles.24425, Trojan.Fraudster.1476, Trojan.DownLoader12.30754
40.00%

ESET NOD32
multiple threats
40.00%

VIPRE Antivirus
Threat.4150696
30.00%

McAfee
Trojan.Artemis!4B20907CE235, Trojan.Artemis!5BD4DD9E290F, Trojan.Artemis!F11AE95D0452
30.00%

avast!
Win32:Adware-gen [Adw]
30.00%

F-Prot
W32/Adware.ALMA (exact, not disinfectable)
30.00%

Norman
Gen:Variant.Adware.Graftor.179433
30.00%

Emsisoft Anti-Malware
Gen:Variant.Adware.Graftor.179433
20.00%

Microsoft Security Essentials
Threat.Undefined
10.00%

The domain www.baixegetit.net has been seen to resolve to the following 2 IP addresses.

8.5.1.32
March 4, 2016

82.221.105.12
January 27, 2016

File downloads found at URLs served by www.baixegetit.net.

1 / 68      (Malware)
http://www.baixegetit.net/ids/.../Download Dead Rising 3.exe  (75b86b3bfa02925548919167412c4865)

9 / 68      (PUP)
http://www.baixegetit.net/.../310714_br.exe  (j6hywjuofopqp9mo72owcghc6pj6hywjuofopqp9mo72owcghc6pj6hywjuofopqp9mo72owcghc6p_br.exe)

1 / 68      (Adware)
http://www.baixegetit.net/.../291014_nj.exe  (9cb67d8bcb02f1eb34ca7b28464e0de0)

1 / 68      (PUP)
http://www.baixegetit.net/ids/.../Ntfs 4.32 Serial.exe  (ntfs-432-serial.exe)

1 / 68      (PUP)
http://www.baixegetit.net/ids/id55/.../Iniciar-Download.exe  (bef20d5d03682d6c5c80ac543fc37f6b)

6 / 68      (PUP)
http://www.baixegetit.net/.../310714_br.exe  (7j8tlic17smu8mbu3ogwj7j8tlic17smu8mbu3ogwj7j8tlic17smu8mbu3ogwj_br.exe)

1 / 68      (PUP)
http://www.baixegetit.net/ids/.../Download Cinquenta Tons de Cinza Dublado e Legendado.exe  (64c49c0732d724a068acff469fdf0100)

8 / 68      (PUP)
http://www.baixegetit.net/.../310714_br.exe  (7363dea6a632abf4888902efb6ea61a2)

4 / 68      (Malware)
http://www.baixegetit.net/.../291014_nj.exe  (9254fb0aec1e5b26d532f124bf096462)

1 / 68      (PUP)
http://www.baixegetit.net/ids/.../Download Clube da Luta DVDRip AVI Dual Áudio RMVB Dublado.exe  (download clube da luta dvdrip avi dual udio rmvb dublado.exe)

The following file have been seen to comunicate with www.baixegetit.net in live environments.

TCP » 8.5.1.32:80
chrome.crx

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.