54.197.226.9

ec2-54-197-226-9.compute-1.amazonaws.com

IP Address Information

The IP Address resolves to the DNS record of ec2-54-197-226-9.compute-1.amazonaws.com. Currently there are 5 domain names that utilize this address. The primary domain hosted by this IP is www.joydownload.com along with 4 other domains which are known adware distribution web sites. This is an Amazon Web Services (AWS) Elastic IP Address and is hosted within the AWS cloud computing platform.
Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Malwarebytes
PUP.Optional.OpenCandy
100.00%

ESET NOD32
Win32/JoyDownloader, Win32/OpenCandy
100.00%

Reason Heuristics
PUP.SevasS.R, PUP.SevasS.S, PUP.SevasS.DD, PUP.SevasS.P, PUP.SevasS.Q, PUP.SevasS.f, PUP.SevasS.M, PUP.SevasS.W, PUP.SevasS.X
100.00%

Rising Antivirus
PE:PUF.OpenCandy!1.9DE5
93.94%

Dr.Web
Adware.Downware.1446
90.91%

Trend Micro House Call
TROJ_GEN.F47V0911, TROJ_GEN.F47V1214, TROJ_GEN.F47V1126, ADW_OPENCANDY, TROJ_GEN.F47V1213, TROJ_GEN.F47V1028, TROJ_GEN.F47V1019
84.85%

Trend Micro
ADW_OPENCANDY
75.76%

McAfee
Artemis!1F76599C9272, Artemis!1DB7012130E5, Artemis!30F793226CF5, Artemis!FE611590D9E8, Artemis!DEF32AE932B4, Artemis!05ABA008CD79, Artemis!130EEDA1E119, Artemis!7C3301782ABC, Artemis!588B4375786A, Artemis!E13BFA96EEF9, Artemis!CD67D7AB623B, Artemis!CA10E8AF699B, Artemis!A32DA0691E74, Artemis!B79F339FE7CE, Artemis!AE227656F901
60.61%

McAfee Web Gateway
Artemis!1F76599C9272, Artemis!1DB7012130E5, Artemis!30F793226CF5, Artemis!FE611590D9E8, Artemis!DEF32AE932B4, Artemis!05ABA008CD79
60.61%

Antiy Labs AVL
Trojan/Win32.Generic
60.61%

The following domains resolved to the IP address 54.197.226.9.

File URLs download from 54.197.226.9.

23 / 68    (Adware)

11 / 68    (Adware)

17 / 68    (Adware)

11 / 68    (Adware)

13 / 68    (Adware)

11 / 68    (Adware)

13 / 68    (Adware)

11 / 68    (Adware)

11 / 68    (Adware)

9 / 68      (Adware)

9 / 68      (Adware)
http://www.joydownload.com/wi/1/3/1/.../dap-10.0.5.3.exe  (e779b0c31b73685ba78ced7f6038bc67)

 
Latest 30 of 1,823 download URLs

The geographical location of this IP address.

Country:
United States (US)

Region:
Virginia

City:
Ashburn

Coordinates:
39.0437, -77.4875

ARIN WHOIS:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# http://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=54.197.226.9?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

Amazon Technologies Inc. AMAZON-2011L (NET-54-192-0-0-1) 54.192.0.0 - 54.207.255.255
Amazon.com, Inc. AMAZO-ZIAD7 (NET-54-196-0-0-1) 54.196.0.0 - 54.197.255.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# http://www.arin.net/public/whoisinaccuracy/index.xhtml
#


Autonomous System Assignment
ASNumber:
14618

ASName:
AMAZON-AES - Amazon.com, Inc.,US

ASHandle:
AS14618

Remove Malware from 54.197.226.9 - Powered by Reason Core Security