www.power-ful.xyz

Domain Information

Server location:
Georgia, United States (US)

ASN:
AS20446 HIGHWINDS3 - Highwinds Network Group, Inc., US

Root domain:

Scanner detections:
Detections (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Amonetize.ITVILBIP.Installer (M), Adware.Amonetize.ET (M), Adware.Amonetize (M), PUP.Amonitize.Immortal.Installer (M), PUP.Amonetize.PRAgents.Installer (M), PUP.Amonetize.PRAgents (M), Adware.Amonetize.Installer, PUP.Amonetize.rIrvOxRo (M), PUP.Amonetize.SmartMar (M), PUP.Amonetize.DevelopI (M), Adware.Amonetize.SmartEks.Meta (M), Adware.Amonetize.STKDevel.Meta (M), PUP.Amonetize.SvordDev (M), PUP.Amonetize.DevelopP (M), Adware.Amonetize.VDevelop.Meta (M), Adware.Amonetize.Installer.Meta (M), PUP.Amonetize.STKDevel (M)
88.00%

Dr.Web
Trojan.Amonetize.3133, Detection.Undefined, Trojan.Amonetize.12859, Trojan.Amonetize.12893, Trojan.Amonetize.12912, Trojan.Amonetize.12949, Trojan.Amonetize.12966, Trojan.Amonetize.13033, Trojan.Amonetize.13044, Trojan.Amonetize.13218
52.00%

ESET NOD32
Win32/Amonetize.MB potentially unwanted application, Win32/Amonetize.RW potentially unwanted application, Win32/Amonetize.SR potentially unwanted application, Win32/Amonetize.RC potentially unwanted application
36.00%

Kaspersky
UDS:DangerousObject.Multi.Generic, not-a-virus:HEUR:Downloader.Win32.AdLoad, not-a-virus:AdWare.Win32.Amonetize
30.00%

McAfee
Trojan.Artemis!E72A358D9CA0, Artemis!E97245F4A1C6, Trojan.Artemis!9D8C31AF1C4B
20.00%

Avira AntiVirus
ADWARE/Amonetize.Gen, ADWARE/Amonetize.Gen7, ADWARE/Amonetize.IV
6.00%

Qihoo 360 Security
QVM42.0.Malware.Gen, QVM10.1.Malware.Gen
6.00%

Malwarebytes
PUP.Optional.Amonetize
4.00%

Sophos
Generic PUA EF (PUA), Generic PUA KI (PUA)
4.00%

Rising Antivirus
PE:Malware.Generic/QRS!1.9E2D [F], PE:Malware.Generic(Thunder)!1.A1C4 [F]
4.00%

avast!
Win32:Dropper-gen [Drp], Win32:Adware-gen [Adw]
4.00%

Emsisoft Anti-Malware
Gen:Variant.Graftor.275998, Gen:Variant.Application.Bundler.Amonetize.64
4.00%

VIPRE Antivirus
Threat.4150696
2.00%

K7 AntiVirus
Adware
2.00%

Baidu Antivirus
Win32.Trojan.WisdomEyes.151026.9950
2.00%

The domain www.power-ful.xyz has been seen to resolve to the following 2 IP addresses.

February 18, 2016

map2.hwcdn.net
February 18, 2016

File downloads found at URLs served by www.power-ful.xyz.

3 / 68 (PUP)
http://www.power-ful.xyz/.../Bundle_FlowsurfCB.exe (3eacd1dc76a158a7902e54979c7c3449)

3 / 68 (PUP)