home

www.softcandy.net

Nishi Shukla

Domain Information

The domain www.softcandy.net registered by Nishi Shukla was initially registered in December of 2014 through GODADDY.COM, LLC. Currently this domain has been known to host various forms of malware. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Thursday, December 25, 2014

Expires date:
Sunday, December 25, 2016

Updated date:
Sunday, April 3, 2016

Root domain:
softcandy.net

Whois:
1 softcandy.net record

Scanner detections:
Malware distribution  (100% detected)

Scan engine
Details
Detections

Emsisoft Anti-Malware
Gen:Variant.Application.MSILPerseus.16027
100.00%

Norman
Gen:Variant.Application.MSILPerseus.16027
100.00%

F-Secure
Variant.Application.MSILPerseus
50.00%

Reason Heuristics
Adware.Downloader (M)
50.00%

The domain www.softcandy.net has been seen to resolve to the following IP address.

166.62.28.122
ip-166-62-28-122.ip.secureserver.net
May 15, 2016

File downloads found at URLs served by www.softcandy.net.

3 / 68      (PUP)
http://www.softcandy.net/.../Install_FlashPlayer.exe  (c47d1bcce99686c2c2a9e0eda0ea47cb)

3 / 68      (Malware)
http://www.softcandy.net/.../Install_FlashPlayer.exe  (260391d4dd38bb291a6d84bdba2058db)

The following file have been seen to comunicate with www.softcandy.net in live environments.

TCP » 166.62.28.122:80
UCBrowser.exe (UC Browser by UCWeb)

URL:
http://www.softcandy.net/

Title:
“Soft Candy - Your Software Point”

Description:
“Fast downloads of the latest free software forever!”

Web server:
Apache/2.4.12 (PHP/5.4.43)

moneydic.com

net.au

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.