home

www.sendcityapps.com

Domain Information

Server location:
Washington, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:
sendcityapps.com

Scanner detections:
Malware distribution  (88% detected)

Scan engine
Details
Detections

avast!
Win32:Malware-gen, Win32:Sality, Win32:SaliCode, Win32:Parite
85.71%

ESET NOD32
Win32/InstallCore.ACY.gen potentially unwanted application, Win32/Sality.NBA virus, Win32/Parite.B virus
71.43%

Dr.Web
Trojan.InstallCore.978, Win32.Sector.30
57.14%

F-Prot
W32/Sality.E.gen, W32/Sality.gen2, W32/Parite.B
57.14%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4758034, Threat.46249
42.86%

McAfee
Artemis!0756591F5975, Virus.W32/Sality.gen.z
42.86%

Reason Heuristics
Adware.Bundler (M)
42.86%

Kaspersky
Virus.Win32.Sality
42.86%

Microsoft Security Essentials
Threat.Undefined
42.86%

AVG
Win32/Sality
42.86%

F-Secure
Win32.Sality.3
42.86%

Sophos
Install Core (PUA), Virus 'Mal/Sality-D'
28.57%

AhnLab V3 Security
PUP/Win32.Downloader
28.57%

Rising Antivirus
PE:Malware.Generic/QRS!1.9E2D [F], PE:Malware.Generic(Thunder)!1.A1C4 [F]
28.57%

Emsisoft Anti-Malware
Win32.Sality
28.57%

The domain www.sendcityapps.com has been seen to resolve to the following 45 IP addresses.

52.85.131.209
server-52-85-131-209.iad53.r.cloudfront.net
July 27, 2016

52.85.131.155
server-52-85-131-155.iad53.r.cloudfront.net
July 27, 2016

52.85.131.139
server-52-85-131-139.iad53.r.cloudfront.net
July 27, 2016

52.85.131.134
server-52-85-131-134.iad53.r.cloudfront.net
July 27, 2016

52.85.131.52
server-52-85-131-52.iad53.r.cloudfront.net
July 27, 2016

52.85.131.250
server-52-85-131-250.iad53.r.cloudfront.net
July 27, 2016

52.85.131.223
server-52-85-131-223.iad53.r.cloudfront.net
July 27, 2016

52.84.125.47
server-52-84-125-47.iad16.r.cloudfront.net
July 18, 2016

52.84.125.44
server-52-84-125-44.iad16.r.cloudfront.net
July 18, 2016

52.84.125.215
server-52-84-125-215.iad16.r.cloudfront.net
July 18, 2016

52.84.125.210
server-52-84-125-210.iad16.r.cloudfront.net
July 18, 2016

52.84.125.196
server-52-84-125-196.iad16.r.cloudfront.net
July 18, 2016

52.84.125.126
server-52-84-125-126.iad16.r.cloudfront.net
July 18, 2016

52.84.125.107
server-52-84-125-107.iad16.r.cloudfront.net
July 18, 2016

52.84.125.103
server-52-84-125-103.iad16.r.cloudfront.net
July 18, 2016

52.85.131.18
server-52-85-131-18.iad53.r.cloudfront.net
May 17, 2016

52.85.131.207
server-52-85-131-207.iad53.r.cloudfront.net
May 17, 2016

52.85.131.185
server-52-85-131-185.iad53.r.cloudfront.net
May 17, 2016

52.85.131.132
server-52-85-131-132.iad53.r.cloudfront.net
May 17, 2016

52.85.131.125
server-52-85-131-125.iad53.r.cloudfront.net
May 17, 2016

52.85.131.95
server-52-85-131-95.iad53.r.cloudfront.net
May 17, 2016

52.85.131.82
server-52-85-131-82.iad53.r.cloudfront.net
May 17, 2016

52.85.131.37
server-52-85-131-37.iad53.r.cloudfront.net
May 17, 2016

52.85.142.98
server-52-85-142-98.iad12.r.cloudfront.net
May 16, 2016

52.85.142.28
server-52-85-142-28.iad12.r.cloudfront.net
May 16, 2016

52.85.142.210
server-52-85-142-210.iad12.r.cloudfront.net
May 16, 2016

52.85.142.192
server-52-85-142-192.iad12.r.cloudfront.net
May 16, 2016

52.85.142.185
server-52-85-142-185.iad12.r.cloudfront.net
April 19, 2016

52.85.142.67
server-52-85-142-67.iad12.r.cloudfront.net
April 19, 2016

54.230.102.211
server-54-230-102-211.iad2.r.cloudfront.net
April 12, 2016

 
Showing 30 of 45 IP Addresses

File downloads found at URLs served by www.sendcityapps.com.

4 / 68      (Malware)
http://www.sendcityapps.com/.../installer.exe  (be4e47ee0df061588fbc1cedd355c819)

3 / 68      (PUP)
http://www.sendcityapps.com/.../installer.exe  (98c517d9c2b537466dfd6045ace31681)

10 / 68    (Infected)
http://www.sendcityapps.com/.../installer.exe  (23fc2501a71f415d71f19eccf41466a4)

12 / 68    (Infected)
http://www.sendcityapps.com/.../installer.exe  (6c1ef2187899289db960aac07002c6f8)

0 / 68
http://www.sendcityapps.com/.../installer.exe  (ff3469af9b7dbda14ea7fff1162fd52d)

17 / 68    (PUP)
http://www.sendcityapps.com/.../installer.exe  (0756591f597552415e42b0781d2e4811)

3 / 68      (PUP)
http://www.sendcityapps.com/.../installer.exe  (1d4ce2d623f4823634b38127b89bb69e)

10 / 68    (Infected)
http://www.sendcityapps.com/.../installer.exe  (951dca7c794651b60c908292086295ef)

The following 41 files have been seen to comunicate with www.sendcityapps.com in live environments.

TCP » 52.85.142.51:443
UCBrowser.exe (by UCWeb)

TCP » 52.85.142.216:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.47:443
apptrailers.exe

TCP » 52.84.125.126:80
crossbrowse.exe (Crossbrowse)

TCP » 52.85.142.216:80
Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.84.125.126:80
se.exe

TCP » 52.85.142.216:80
Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.85.142.185:443
UCBrowser.exe (by UCWeb)

TCP » 52.84.125.126:80
browser.exe (Browser)

TCP » 52.85.142.201:443
browser.exe (Browser)

TCP » 52.85.142.98:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.221:80
browser.exe (Browser)

TCP » 52.84.125.210:443
browser.exe (Browser)

TCP » 52.85.142.201:443
apptrailers.exe

TCP » 52.85.142.28:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.221:80
Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.84.125.47:443
new_chrome.exe (1stBrowser by The 1stBrowser Authors)

TCP » 52.85.142.221:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.28:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.84.125.210:443
UCBrowser.exe (UC Browser by UCWeb)

 
Latest 20 of 117 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.