» www.brothersoft.de
Overview
Analysis
IPs Addresses (1)
Downloads (3)
Network (17)
Related Domains (6)

www.brothersoft.de

Domain Information

Server location:

Texas, United States (US)

ASN:

AS36351 SOFTLAYER - SoftLayer Technologies Inc.

Root domain:

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Optional.KORAMGAMESLIMITED.AA, Win32.Generic

100.00%

VIPRE Antivirus

Trojan.Win32.Generic

33.33%

ESET NOD32

Win32/BSDownloader (variant)

33.33%

herdProtect (fuzzy)

a variant of 22314e62f9f0bd9bf32d0b6bf775824760790639

33.33%

Malwarebytes

PUP.Optional.BSDownloader

33.33%

K7 AntiVirus

Riskware

33.33%

F-Prot

W32/Agent.TR.gen

33.33%

McAfee

Artemis!A19035BE4EF2

33.33%

Baidu Antivirus

Trojan.Win32.BSDownloader

33.33%

The domain www.brothersoft.de has been seen to resolve to the following IP address.

108.168.197.129

108.168.197.129-static.reverse.softlayer.com

January 10, 2014

File downloads found at URLs served by www.brothersoft.de.

1 / 68 (PUP)

http://www.brothersoft.de/downloader/bdm.php?url=http://defiles.brothersoft.com/mp3_audio/.../cdclone322.exe&name=CD Clone (brothersoftdownloader_for_cd_clone.exe)

1 / 68 (Malware)

http://www.brothersoft.de/soft-111641.download (brothersoft_downloader_for_paltalk.exe)

9 / 68 (PUP)

http://www.brothersoft.de/soft-192979.download (brothersoft_downloader_for_auto_clicker_and_auto_typer_2_in_1.exe)

The following 17 files have been seen to comunicate with www.brothersoft.de in live environments.

TCP » 108.168.197.129:80

Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80

Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80

Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80

Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80

Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80

Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80

Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80

Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80

Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80

Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80

Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80

Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80

Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80

Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80

Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80

Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80

Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

Related Domains

brothersoft.com

orbitdownloader.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.