74.201.86.28

IP Address Information

Currently, 4 domain names use this address. The primary domain hosted by this IP is www.sugarsync.com, along with 3 other domains which are known malware distribution web sites.
Scanner detections:
Malware distribution  (55% detected)

Scan engine | Details | Detections
Reason Heuristics | Unnamed.Threat.61, Trojan.Outbrowse (M), Trojan.Delf | 46.15%
Baidu Antivirus | Trojan.Win32.Delf, HackTool.Win32.WinActivator, Trojan.Win32.Autoit, Trojan.Win32.Ransomlock, Trojan.Win32.Injector, PUA.Win32.Amonetize | 30.77%
avast! | Win32:PUP-gen [PUP], Malware-gen, Evo-gen [Susp], Win32:Banker-MOB [Trj], Win32:Malware-gen, Win32:Evo-gen [Susp], Win32:Dropper-gen [Drp] | 30.77%
ESET NOD32 | multiple threats, Win32/TrojanDownloader.Delf.BNZ trojan, Win32/TrojanDownloader.Delf.BTP trojan, Win32/TrojanDownloader.Banload.XHB trojan | 30.77%
Norman | Suspicious_Gen4.DEDBN, Gen:Trojan.Heur.DP.jTX@ayM2Pzhi, Gen:Variant.Symmi.57781, Gen:Variant.Symmi.58852, Gen:Variant.Strictor.107154 | 26.92%
Kaspersky | HEUR:Trojan-Downloader.Win32.Generic, Trojan-Ransom.Win32.Blocker, Trojan-Downloader.Win32.Genome, Trojan-Banker.Win32.Banbra | 23.08%
Emsisoft Anti-Malware | Gen:Trojan.Heur.EGW@YEEhD1m, Gen:Trojan.Heur.DP.jTX@ayM2Pzhi, Gen:Variant.Symmi.57781, Gen:Variant.Symmi.58852 | 23.08%
McAfee | PWSZbot-FFY!1612B75EA464, Artemis!8B7E25DCCED1, Artemis!9B99E974C5F3, Artemis!7B9133956213 | 15.38%
McAfee Web Gateway | PWSZbot-FFY!1612B75EA464, Artemis!8B7E25DCCED1, Artemis!9B99E974C5F3, Artemis!7B9133956213 | 15.38%
ESET NOD32 | Win32/TrojanDownloader.Delf.AFL (variant), Win32/HackTool.WinActivator, Win32/TrojanDownloader.Autoit.NRH, Win32/TrojanDownloader.Adload.NPA | 15.38%

The following domains resolved to the IP address 74.201.86.28.

File URLs download from 74.201.86.28.

2 / 68      (Malware)

1 / 68      (Malware)

2 / 68      (Malware)

2 / 68      (Malware)

2 / 68      (Malware)

3 / 68      (Malware)

3 / 68      (Malware)

5 / 68      (Malware)

1 / 68      (Malware)

0 / 68

1 / 68      (Malware)

10 / 68    (Malware)
http://www.sugarsync.com/.../D3586815_272_39870468?directDownload=true  (install=_flashplayer12x32_mssa_aaa_aih.exe)

2 / 68      (Malware)

2 / 68      (Malware)

3 / 68      (Malware)

2 / 68      (Malware)

5 / 68      (PUP)

1 / 68      (inconclusive)

1 / 68      (inconclusive)

2 / 68      (Malware)

5 / 68      (Malware)

0 / 68
http://www.sugarsync.com/downloads/.../SugarSyncSetup.exe  (54096c455a1aa6007ce4355d8692077c)

6 / 68      (Malware)

0 / 68

0 / 68
https://www.sugarsync.com/downloads/.../SugarSyncSetup.exe  (2084aa5c7d4000f42f8c6c2880105909cad68040)

 
Latest 30 of 761 download URLs

ARIN WHOIS:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# The following results may also be obtained via:
# https://whois.arin.net/rest/nets;q=74.201.86.28?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

Internap Network Services Corporation PNAP-10-2006 (NET-74-201-0-0-1) 74.201.0.0 - 74.201.255.255
SugarSync, Inc. INAP-SJE-SUGARSYNCINC-45719 (NET-74-201-86-0-1) 74.201.86.0 - 74.201.86.127





Autonomous System Assignment
ASNumber:
12182

ASName:
INTERNAP-2BLK - Internap Network Services Corporation, US

ASHandle:
AS12182
