74.201.86.28

IP Address Information

Currently there are 4 domain names that utilize this address. The primary domain hosted by this IP is www.sugarsync.com along with 3 other domains which are known malware distribution web sites.
Scanner detections: Malware distribution (64% detected)

| Scan engine | Details | Detections |
|---|---|---|
| Emsisoft Anti-Malware | Gen:Trojan.Heur.EGW@YEEhD1m, Gen:Variant.Symmi.57070, Gen:Variant.Symmi.57781, Gen:Variant.Strictor.99853, Gen:Variant.Zusy.173527, Gen:Variant.Zusy.176905, Gen:Variant.Symmi.60175, Gen:Variant.Symmi.58852, Win32.SlugIn | 53.33% |
| Norman | Suspicious_Gen4.DEDBN, Gen:Variant.Symmi.57781, Gen:Variant.Zusy.173527, Gen:Variant.Zusy.176905, Suspicious_Gen5.AQWOX | 50.00% |
| ESET NOD32 | multiple threats, Win32/TrojanDownloader.Delf.BNZ trojan, Win32/TrojanDownloader.Banload.WPJ trojan, Win32/TrojanDownloader.Banload.XDA trojan | 43.33% |
| avast! | Win32:PUP-gen [PUP], Malware-gen, Evo-gen [Susp], Win32:Malware-gen, Win32:Evo-gen [Susp], AutoIt:Agent-AJX [Trj], Win32:Downloader-VJY [Drp] | 40.00% |
| Baidu Antivirus | Trojan.Win32.Delf, HackTool.Win32.WinActivator, Trojan.Win32.Autoit, Trojan.Win32.Ransomlock, Trojan.Win32.Injector, PUA.Win32.Amonetize | 33.33% |
| McAfee | PWSZbot-FFY!1612B75EA464, Artemis!8B7E25DCCED1, Artemis!9B99E974C5F3, RDN/Generic Downloader.x, Trojan.GenericR-FLC!3A02C496F1EA | 30.00% |
| Kaspersky | HEUR:Trojan-Downloader.Win32.Generic, Trojan-Ransom.Win32.Blocker, UDS:DangerousObject.Multi.Generic, Trojan-Downloader.Win32.Genome | 30.00% |
| Reason Heuristics | Unnamed.Threat.61, Trojan.Delf, Trojan.Outbrowse (M), Adware.Downloader.Installer.Meta (M) | 26.67% |
| Qihoo 360 Security | Win32/Trojan.Ransom.4c0, QVM41.1.Malware.Gen, HEUR/QVM18.1.Malware.Gen, HEUR/QVM41.2.Malware.Gen, HEUR/Malware.QVM11.Gen | 26.67% |
| ESET NOD32 | Win32/TrojanDownloader.Delf.AFL (variant), Win32/HackTool.WinActivator, Win32/TrojanDownloader.Autoit.NRH, Win32/TrojanDownloader.Adload.NPA | 23.33% |

The following domains resolved to the IP address 74.201.86.28.

File URLs downloaded from 74.201.86.28.

3 / 68 (Malware)
1 / 68 (Malware)
3 / 68 (Malware)
9 / 68 (Infected)
11 / 68 (Infected)
14 / 68 (Malware)
6 / 68 (Malware)
3 / 68 (Malware)
4 / 68 (Malware): https://www.sugarsync.com/.../D3196069_178_964848570?directDownload=true (install_flash_player_version_11_2_3_br_win.exe)
3 / 68 (PUP)
2 / 68 (inconclusive)
14 / 68 (Malware)
17 / 68 (Malware)
15 / 68 (Malware)
4 / 68 (Malware): http://www.sugarsync.com/.../D3572425_971_636039629?directDownload=true (install=_flashplayer12x32_mssa_aaa_aih.exe)
5 / 68 (PUP)
1 / 68 (inconclusive)
1 / 68 (inconclusive)
8 / 68 (Malware)
1 / 68 (inconclusive)
25 / 68 (PUP)
4 / 68 (Malware)
4 / 68 (Malware)
1 / 68 (inconclusive)
5 / 68 (Malware)
2 / 68 (Malware)

Latest 30 of 761 download URLs

ARIN WHOIS:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# The following results may also be obtained via:
# https://whois.arin.net/rest/nets;q=74.201.86.28?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

Internap Network Services Corporation PNAP-10-2006 (NET-74-201-0-0-1) 74.201.0.0 - 74.201.255.255
SugarSync, Inc. INAP-SJE-SUGARSYNCINC-45719 (NET-74-201-86-0-1) 74.201.86.0 - 74.201.86.127



Autonomous System Assignment
ASNumber: 12182
ASName: INTERNAP-2BLK - Internap Network Services Corporation, US
ASHandle: AS12182
