54.254.135.225

ec2-54-254-135-225.ap-southeast-1.compute.amazonaws.com

IP Address Information

The IP Address resolves to the DNS record of ec2-54-254-135-225.ap-southeast-1.compute.amazonaws.com. Currently there are 2 domain names that utilize this address. The primary domain hosted by this IP is server.mobogenie.com along with 1 other domains which are known adware distribution web sites. This is an Amazon Web Services (AWS) Elastic IP Address and is hosted within the AWS cloud computing platform.
Scanner detections:
Detections  (91% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.Installer.BeijingAmazGameAgeInternetTechnologyCo.X, PUP.Optional.Installer.BeijingAmazGameAgeInternetTechnologyCo.W, PUP.Optional.BeijingAmazGameAgeInternetTechnologyCo.T, PUP.Optional.Installer.BeijingAmazGameAgeInternetTechnologyCo.V, PUP.Optional.Installer.Y, PUP.Optional.Installer.W, PUP.Optional.BeijingAmazGameAgeInternetTechnologyCo.a
100.00%

Dr.Web
Trojan.Siggen6.685, Adware.NextLive.2
44.19%

IKARUS anti.virus
Virus.Win32.Heur, Nsis
30.23%

ESET NOD32
Win32/NextLive, Win32/Mobogenie, Win32/Mobogenie (variant)
27.91%

NANO AntiVirus
Trojan.Win32.NextLive.csjhvj
25.58%

Trend Micro House Call
TROJ_GEN.F47V0109, TROJ_GEN.F47V0203, ADW_NEXTLIVE, TROJ_GE.45BAB8AA, TROJ_GEN.F47V0408
23.26%

VIPRE Antivirus
Adware.Agent, Trojan.Win32.Generic!SB.0, Trojan.AndroidOS.Generic.A
23.26%

Rising Antivirus
JS:Malware.OddJS!5.3E, NS:Malware.Install!1.9F62, PE:Trojan.Win32.Generic.16594EEF!374951663
20.93%

herdProtect (fuzzy)
a variant of 4d4d2fa435b608bc8ba316f6bcdda8e008864602, a variant of 7b0725338be22125bf23f78f677b4f9c3dca588f, a variant of 27c29033e7ab6d1a992205ab5de34b83c03b3751
20.93%

McAfee
Artemis!579FB275EA7B, Artemis!9EEEA3B146EE, Artemis!9940667030F7
18.60%

The following domains resolved to the IP address 54.254.135.225.

File URLs download from 54.254.135.225.

1 / 68      (PUP)

9 / 68      (PUP)
http://server.mobogenie.com/.../downloadClient.htm?media=21  (9940667030f7c83be3dd8e38a637233b.exe)

1 / 68      (PUP)

1 / 68      (PUP)
http://server.mobogenie.com/.../downloadClient.htm?media=2  (e3a735194a3e105188b6c32115106284.exe)

7 / 68      (PUP)

1 / 68      (PUP)
http://server.mobogenie.com/.../downloadClient.htm?media=16  (abfc51bf5313b0fd737351a467f2a072.exe)

1 / 68      (PUP)

4 / 68      (PUP)

1 / 68      (PUP)

13 / 68    (PUP)

1 / 68      (PUP)

3 / 68      (PUP)

1 / 68      (PUP)

14 / 68    (PUP)

1 / 68      (PUP)

14 / 68    (PUP)

1 / 68      (PUP)

3 / 68      (PUP)

The geographical location of this IP address.

Country:
Singapore (SG)

Region:
Singapore

City:
Singapore

Coordinates:
1.28967, 103.85

ARIN WHOIS:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# The following results may also be obtained via:
# https://whois.arin.net/rest/nets;q=54.254.135.225?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

Amazon Data Services Japan AMAZON-ASIA-SIN2 (NET-54-254-0-0-1) 54.254.0.0 - 54.254.255.255
Amazon Technologies Inc. AMAZON-2011L (NET-54-240-0-0-1) 54.240.0.0 - 54.255.255.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


Autonomous System Assignment
ASNumber:
38895

ASName:
AMAZON-AS-AP Amazon.com Tech Telecom, JP

ASHandle:
AS38895

Remove Malware from 54.254.135.225 - Powered by Reason Core Security