» www.styleapplicationzillion.com
Overview
Analysis
IPs Addresses (6)
Downloads (7)
Network (15)
Website Detail

www.styleapplicationzillion.com

Whois Privacy Protection Service, Inc. (Proxy Registrant)

Domain Information

The domain www.styleapplicationzillion.com is registered by proxy through NAME.COM, INC. and was originally registered in February of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Beaumaris, Victoria within Australia which resides on the Asia Pacific Network Information Centre network.

Registrant:

Whois Privacy Protection Service, Inc.

Registrar:

NAME.COM, INC.

Server location:

Victoria, Australia (AU)

Create date:

Tuesday, February 25, 2014

Expires date:

Wednesday, February 25, 2015

Updated date:

Tuesday, February 25, 2014

ASN:

AS133618 TRELLIAN-AS-AP Trellian Pty. Limited, AU

Root domain:

styleapplicationzillion.com

Whois:

1 styleapplicationzillion.com record

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

Threat.Win.Reputation.IMP, PUP.AlexeyKurilenko.t, Adware.WebPick.Installer (M), Adware (M), PUP.WebPick (M)

100.00%

Malwarebytes

PUP.Optional.Installrex, PUP.Optional.DownloaderSS, PUP.Optional.InstalleRex

42.86%

avast!

Win32:InstalleRex-AI [PUP], Win32:InstalleRex-CH [PUP], Win32:InstalleRex-CK [PUP]

42.86%

Kaspersky

Trojan.Win32.AntiFW, not-a-virus:AdWare.Win32.MultiPlug

42.86%

Dr.Web

Adware.Downware.1541, Trojan.Crossrider.28215, Trojan.WebPick.2759

42.86%

VIPRE Antivirus

Trojan.Win32.Generic, Threat.4150696, Threat.4753027

42.86%

McAfee

PUP-FHQ!1F4116E31906, Trojan.Artemis!BB57FC5359EE, PUP-FHQ!D6BB6F2CE8EA

42.86%

NANO AntiVirus

Riskware.Win32.Downware.ctkpgl, Riskware.Win32.MultiPlug.ddsvpv, Riskware.Win32.InfoLeak.cvgqot

42.86%

Agnitum Outpost

PUA.InstalleRex, PUA.MultiPlug

28.57%

Comodo Security

Application.Win32.InstalleRex.KG, Application.Win32.GreenApp.RR

28.57%

Avira AntiVirus

Adware/InstallRex.X, Adware/MultiPlug.aob

28.57%

Sophos

InstallRex, MultiPlug

28.57%

ESET NOD32

Win32/InstalleRex.M potentially unwanted application

28.57%

AVG

MalSign.Generic, Adware Generic5

28.57%

Panda Antivirus

Adware/TSUploader, PUP/TSUploader

28.57%

The domain www.styleapplicationzillion.com has been seen to resolve to the following 6 IP addresses.

103.224.182.207

lb-182-207.above.com

July 9, 2016

52.26.71.172

ec2-52-26-71-172.us-west-2.compute.amazonaws.com

August 12, 2015

52.27.166.51

ec2-52-27-166-51.us-west-2.compute.amazonaws.com

August 12, 2015

52.27.146.26

ec2-52-27-146-26.us-west-2.compute.amazonaws.com

August 12, 2015

54.191.186.103

ec2-54-191-186-103.us-west-2.compute.amazonaws.com

August 17, 2014

54.187.76.32

ec2-54-187-76-32.us-west-2.compute.amazonaws.com

June 13, 2014

File downloads found at URLs served by www.styleapplicationzillion.com.

1 / 68 (Adware)

http://www.styleapplicationzillion.com/.../?installer_file_name=Fifa 14 Working Key Generator Tool - Download Fifa 14 Tool Key Generator?EsetProtoscanCtx=70ff150 (fifa 14 working key generator tool - download fifa 14 tool key generator.exe)

1 / 68 (Adware)

http://www.styleapplicationzillion.com/.../?installer_file_name=Fifa 14 Serial Keys and Crack Free Download - Download Fifa 14 Serial Keys and Crack Free Download (fifa 14 serial keys and crack free download - download fifa 14 serial keys and crack free download.e)

1 / 68 (Adware)

http://www.styleapplicationzillion.com/.../?installer_file_name=Fifa 14 Original Tool - Download Fifa 14 Original Keygen Tool Free Download (fifa 14 original tool - download fifa 14 original keygen tool free download.exe)

1 / 68 (Adware)

http://www.styleapplicationzillion.com/.../?installer_file_name=Best ways to Make Windows 7 Genuine Wat remover Window 7 keys (best ways to make windows 7 genuine wat remover window 7 keys.exe)

13 / 68 (Adware)

http://www.styleapplicationzillion.com/.../?installer_file_name=TechSmith Camtasia Studio 8 Full Crack&affiliate_id=bagas (techsmith camtasia studio 8 full crack.exe)

17 / 68 (Adware)

http://www.styleapplicationzillion.com/download/.../?installer_file_name=Hotspot Shield 3.37 Crack Full Version Free Download&filesize=&product_name=Your File&uuid=EzkTXj7e4KtjzI977MCc8tQnpwqajHaVrsqkQmFMPa7WHpCdKdq0XA7xYBYkcgnxFRDERM4piKxgLvHws1macj30b1rKqVxaagiunuo75qyZXI0OtpuQ554E6DVL4W2PASgthhftkcGH2bxtfEzDm0Wiv82xzZ2mBwxmAKCpEad5sYOMBgiTBdwKO1sZTNByvNM6LBl3BazYWfiFfzp919wRHgoIhPQjBvAWaNgeQOsvB0HJYVp4kkEbx35Xzp6P92rL6ESwWxJbD23IvEfodijZkEnyF37KO5MUHmd6nJlWaOH2QOQmzXpJPHr2XAsoFxIuPpxNgdOhraDRCGQIBAq1piNJahM5ZOPSKCxnbuRsGhxla2XzWMfFsaMiSkMDdMi6LgpM8kwEz74u9hAWo3OXPBHYl50iNdCjAnvgsAMzm4Swmk184z99WeTIXcsE8tJNzPNLIwqKfL9YUPykyGF1tkgNO6mxL0chiFNPaELFAu62oRDB67G7PvRKD4R5tPQF9EZqJy4RPI5re61G7jIvpVPYRo1tPBsgVo30w0FKlOSpjKTfs8TFfpkxos2tFuRzvdi5iUsBWoACchqJBGYFS2N6NTbwSIJh7qzimvoByMZp9ZCaj2YhlKDvPO018p8r4XvAtC8bZWLapG2Dabibn4PHMxDyDZF2xSfBTQXGRvVq4Ezofhau3XNCfC94Pe1P8MSAFx6Z3hDCk9v2Gu1YuF5DrNegQhzXAOrvy37FHux4iRBb0QesmxyE6hSYjeKF80RrzbHRPmNgFHewAIB7CJ5YQ3a8A0MQqC3qzXvcpDP8p1RTSVC95Rz9NLkUWw (Hotspot Shield 3.37 Crack Full Version Free Download.exe)

29 / 68 (Adware)

http://www.styleapplicationzillion.com/.../?installer_file_name=Metal Gear Rising Revengeance Crack Free Download - Download Metal Gear Rising Revengeance Cracks (metal gear rising revengeance crack free download - download metal gear rising revengeance cracks.ex)

The following 15 files have been seen to comunicate with www.styleapplicationzillion.com in live environments.

TCP » 103.224.182.207:80

googleupd.exe (Google Update by Google)

TCP » 103.224.182.207:80

pooface.exe (Ja)

TCP » 103.224.182.207:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 103.224.182.207:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 103.224.182.207:80

fuzezipsetup.exe (Fuze Zip by Koyote Soft)

TCP » 103.224.182.207:80

CureTraffic.exe (CureTraffic by Vitbian telecom S.L)

TCP » 103.224.182.207:80

emuletorrent.exe

TCP » 103.224.182.207:80

googleupd.exe (Google Update by Google)

TCP » 103.224.182.207:443

winsec.exe (winsec.exe by Security Verifier)

TCP » 103.224.182.207:80

BruteforceSaveData.exe (Bruteforce Save Data by 2014 by Aldo Vargas - http://www.aldostools.org)

TCP » 103.224.182.207:80

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 103.224.182.207:80

online-guardian.exe

TCP » 103.224.182.207:80

winsec.exe (winsec.exe by Security Verifier)

TCP » 103.224.182.207:80

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 103.224.182.207:80

googleupd.exe (Google Update by Google)

TCP » 103.224.182.207:80

cshpfaba.exe

URL:

http://www.styleapplicationzillion.com/

Title:

“Welcome to nginx!”

Web server:

ngx_openresty (PHP/5.4.37)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.