home

zello.soft32.com

I.T.N.T. SRL

Domain Information

The domain zello.soft32.com registered by I.T.N.T. SRL was initially registered in September of 2003 through ENOM, INC.. The domain hosts various software downloads. The hosted servers are located in Dulles, Virginia within the United States. The domain uses the Amazon Cloudfront CDN service which utilizes a number of proxy IP Addresses (see below).
Registrar:
ENOM, INC.

Server location:
Virginia, United States (US)

Create date:
Monday, September 29, 2003

Expires date:
Sunday, September 29, 2024

Updated date:
Friday, December 11, 2015

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
soft32.com

Whois:
1 soft32.com record

Scanner detections:
Detections  (75% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.ZuluSoftSRL.L, PUP.Downloader.Bundler.Soft32.Installer (M)
100.00%

VIPRE Antivirus
Threat.4783370
33.33%

Malwarebytes
PUP.Optional.Zulu
33.33%

NANO AntiVirus
Riskware.Nsis.Downloader.cvxhzw
33.33%

Avira AntiVirus
APPL/Downloader.Gen
33.33%

ESET NOD32
MSIL/Soft32Downloader.C potentially unwanted application
33.33%

avast!
Dropper-gen [Drp]
33.33%

Vba32 AntiVirus
TScope.Trojan.MSIL
33.33%

Dr.Web
Adware.Downware.9012
33.33%

Agnitum Outpost
PUA.Downware
33.33%

McAfee
Artemis!E6A73348F0B6
33.33%

Baidu Antivirus
PUA.Win32.Downloader.soft32
33.33%

AVG
Generic
33.33%

SUPERAntiSpyware
Trojan.Agent/Gen-Nullo[Short]
33.33%

The domain zello.soft32.com has been seen to resolve to the following 20 IP addresses.

52.84.127.146
server-52-84-127-146.iad16.r.cloudfront.net
August 28, 2016

52.84.127.95
server-52-84-127-95.iad16.r.cloudfront.net
August 28, 2016

52.84.127.80
server-52-84-127-80.iad16.r.cloudfront.net
August 28, 2016

52.84.127.62
server-52-84-127-62.iad16.r.cloudfront.net
August 28, 2016

52.84.127.49
server-52-84-127-49.iad16.r.cloudfront.net
August 28, 2016

52.84.127.226
server-52-84-127-226.iad16.r.cloudfront.net
August 28, 2016

52.84.127.185
server-52-84-127-185.iad16.r.cloudfront.net
August 28, 2016

52.84.127.171
server-52-84-127-171.iad16.r.cloudfront.net
August 28, 2016

54.230.194.97
server-54-230-194-97.iad53.r.cloudfront.net
August 11, 2016

54.230.194.47
server-54-230-194-47.iad53.r.cloudfront.net
August 11, 2016

54.230.194.6
server-54-230-194-6.iad53.r.cloudfront.net
August 11, 2016

54.230.194.250
server-54-230-194-250.iad53.r.cloudfront.net
August 11, 2016

54.230.194.245
server-54-230-194-245.iad53.r.cloudfront.net
August 11, 2016

54.230.194.222
server-54-230-194-222.iad53.r.cloudfront.net
August 11, 2016

54.230.194.209
server-54-230-194-209.iad53.r.cloudfront.net
August 11, 2016

54.230.194.135
server-54-230-194-135.iad53.r.cloudfront.net
August 11, 2016

199.27.76.249
February 21, 2016

23.235.39.249
February 21, 2016

199.27.76.185
January 13, 2015

199.27.76.184
January 13, 2015

File downloads found at URLs served by zello.soft32.com.

1 / 68      (Adware)
http://zello.soft32.com/get/file/id/.../?lp=adwords&gclid=CN20hqnK4rcCFYhAMgod_UUAYw  (zello setup.exe)

1 / 68      (Adware)
http://zello.soft32.com/get/file/id/.../?lp=adwords&gclid=CN20hqnK4rcCFYhAMgod_UUAYw  (zello setup.exe)

0 / 68
http://zello.soft32.com/get/file/id/.../?no_download_manager=true  (zellosetup.exe)

14 / 68    (Adware)
http://zello.soft32.com/get/file/id/.../  (zello setup.exe)

The following 5 files have been seen to comunicate with zello.soft32.com in live environments.

TCP » 199.27.76.249:443
product support.crx

TCP » 23.235.39.249:443
discountapp_1.0.0.0.crx

TCP » 23.235.39.249:443
savingsplugin_1.0.crx

TCP » 54.230.194.135:443
catwsprx.exe (CatWSPrx.exe by Catalytix Web Services)

TCP » 54.230.194.6:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

URL:
http://zello.soft32.com/

Google Analytics:
UA-110868

Title:
“Download Zello 1.22.0.0”

Description:
“Zello free download. Get the latest version now. Live voice chat<br /> <br /> Start your own public or private channel.<br /> Or, join one of 200,000 existing chann”

Network:
Amazon Cloudfront

Web server:
nginx

Facebook:
Likes:  37
Shares:  25
Comments:  10

Statistics are for the previous month.

soft32.com.br

soft32.fr

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.