Server location: Georgia, United States (US)
ASN: AS20446 HIGHWINDS3 - Highwinds Network Group, Inc., US
Scanner detections:
Detections (98% detected)
| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | (M), Adware.Amonetize (M), Adware.Amonetize.ET (M), Adware.InstallMonetizer.NMK.Installer.Meta (M), Adware.InstallMonetizer.FenamnFa.Installer.Meta (M), Adware.InstallMonetizer.Finful.Installer.Meta (M), Adware.Amonetize.OldTramo.Installer.Meta (M), Adware.InstallMonetizer.FstTeaf.Installer.Meta (M), Adware.InstallMonetizer.SPRT.Installer.Meta (M), PUP.InstallMonetizer.pbJVwqWk.Installer.Meta (M), Adware.InstallMonetizer.tG4QL2Q.Installer.Meta (M), Adware.InstallMonetizer.Pepcy.Installer.Meta (M), Adware.InstallMonetizer.nF2Nxk.Installer.Meta (M), Adware.InstallMonetizer.xHcgVt0e.Installer.Meta (M), Adware.InstallMonetizer.OldTramo.Installer.Meta (M), Adware.InstallMonetizer.PLT.Installer.Meta (M), Adware.Amonetize.gMBY7JIB.Meta (M), Adware.InstallMonetizer.w1NzcLST.Meta (M), Adware.InstallMonetizer.GYNKF.Meta (M), Adware.InstallMonetizer.u9ApBD4M.Installer.Meta (M), Adware.Amonetize.RE (M), Adware.InstallMonetizer.PvlPoint.Installer.Meta (M), PUP.InstallMonetizer.StarGrat.Installer.Meta (M), Adware.InstallMonetizer.x7KltFes.Installer.Meta (M) | 77.55% |
| ESET NOD32 | Win32/Amonetize.NY potentially unwanted application, Win32/Amonetize.RB potentially unwanted application, Win32/Amonetize.OR potentially unwanted application, Win32/Amonetize.OO potentially unwanted application, Win32/Amonetize.SX potentially unwanted application, Win32/Amonetize.UM potentially unwanted application, Win32/Amonetize.QK potentially unwanted application, Win32/Amonetize.UO potentially unwanted application, Win32/Amonetize.SE potentially unwanted application, Win32/Amonetize.QG potentially unwanted application | 32.65% |
| Norman | Gen:Variant.Graftor.283922, Gen:Variant.Graftor.286372, Gen:Variant.Razy.53845, Gen:Variant.Razy.55810, Gen:Variant.Graftor.273566 | 32.65% |
| F-Secure | Variant.Graftor.283922, Variant.Graftor.286372, Variant.Razy.53845, Variant.Razy.55810, Variant.Razy.27757, Variant.Razy.37085, Variant.Razy.50351 | 22.45% |
| Emsisoft Anti-Malware | Gen:Variant.Graftor.286372, Gen:Variant.Razy.27757, Gen:Heur.ManBat, Gen:Variant.Razy.18984, Gen:Variant.Application.Jaik.9084 | 16.33% |
| avast! | Win32:Evo-gen [Susp], Win32:Malware-gen | 10.20% |
| Kaspersky | not-a-virus:HEUR:AdWare.Win32.Amonetize, not-a-virus:Downloader.Win32.AdLoad | 8.16% |
| MicroWorld eScan | Gen:Heur.ManBat.1 | 2.04% |
| Malwarebytes | PUP.Optional.Amonetize | 2.04% |
| AegisLab AV Signature | AdWare.W32.Amonetize.muQm | 2.04% |
| Arcabit | Trojan.ManBat.1 | 2.04% |
| F-Prot | W32/Amonetize.AG2.gen | 2.04% |
| ESET NOD32 | Win32/Amonetize.RG potentially unwanted (variant) | 2.04% |
| Bitdefender | Gen:Heur.ManBat.1 | 2.04% |
The domain www.quinquevalenceslavepeopled.tech has been seen to resolve to the following 2 IP addresses.
map2.hwcdn.net
July 17, 2016
File downloads found at URLs served by www.quinquevalenceslavepeopled.tech.
Latest 30 of 358 download URLs