HEUR:Trojan.Win32.Generic (Kaspersky), Trojan.Generic.16417312 (B) (Emsisoft), Trojan.Generic.16417312 (AdAware), GenericAutorunWorm.YR (Lavasoft MAS)Behaviour: Trojan, Worm, WormAutorun
The description has been automatically generated by Lavasoft Malware Analysis System and it may contain incomplete or inaccurate information.
Summary
MD5: cfdba56437d93b0c4a4001a7564810d1
SHA1: 8423a630ca095cea411185ffd993557ebd453233
SHA256: 1b5ae1c4f4da6ca91f5e35b9cdd9f3d6b05682140445cc00de1aa437b6d48fa3
SSDeep: 3072:oXYa61ln1kKyK9eXo1HsDNEKRhmuJPtfgO:oXQ1ln1pooByxPf
Size: 2637776 bytes
File type: EXE
Platform: WIN32
Entropy: Not Packed
PEID: MingWin32GCC3x, UPolyXv05_v6
Company: BoostSoftware Inc.
Created at: 2012-08-16 04:30:11
Analyzed on: WindowsXP SP3 32-bit
Summary: Trojan. A program that appears to do one thing but actually does another (a.k.a. Trojan Horse).
Dynamic Analysis
Payload
Behaviour | Description |
---|---|
WormAutorun | A worm can spread via removable drives. It writes its executable and creates "autorun.inf" scripts on all removable drives. The autorun script will execute the Trojan's file once a user opens a drive's folder in Windows Explorer. |
Process activity
The Trojan creates the following process(es):No processes have been created.The Trojan injects its code into the following process(es):No processes have been created.
Mutexes
The following mutexes were created/opened:No objects were found.
File activity
No files have been created.
Registry activity
Dropped PE files
There are no dropped PE files.
HOSTS file anomalies
The Trojan modifies "%System%\drivers\etc\hosts" file which is used to translate DNS entries to IP addresses. The modified file is 61785 bytes in size. The following strings are added to the hosts file listed below:
173.224.216.15 | viabcp.com |
173.224.216.15 | www.viabcp.com |
173.224.216.15 | ww2.viabcp.com |
173.224.216.15 | bcpzonasegura.viabcp.com |
173.224.216.15 | hotmail.com |
173.224.216.15 | www.hotmail.com |
215.27.78.249 | 13iii.com |
247.185.117.251 | 15660808.co.kr |
105.167.238.146 | 2-spyware.com |
232.163.183.54 | 247fixes.com |
252.239.209.43 | 360.cn |
29.141.249.114 | 360.com |
143.123.181.197 | 360safe.cn |
13.119.126.173 | 360safe.com |
221.196.84.162 | 45pounds.com |
254.97.192.164 | 51nb.com |
112.12.56.59 | 9down.com |
51.75.1.223 | a-2.org |
2.152.216.212 | a188.x.akamai.net |
35.53.67.26 | abuse.ch |
149.224.187.109 | acs.pandasoftware.com |
20.31.133.17 | ad-aware-se.uptodown.com |
40.108.159.6 | ad.fastclick.net |
72.10.198.76 | ads.fastclick.net |
186.180.63.227 | agfirewall.ru |
57.244.8.135 | agnitum.com |
9.64.34.124 | agnitum.de |
110.222.74.195 | agnitum.fr |
156.136.194.22 | agnitum.ru |
94.200.139.186 | ahn.com.cn |
46.21.165.175 | ahnlab.com |
79.178.205.245 | akamai.net |
193.93.137.140 | aknow.prevx.com |
132.156.14.48 | aladdin.com |
83.233.41.37 | alert.rising.com.cn |
116.134.148.107 | alerta-antivirus.inteco.es |
230.49.12.190 | alerta-antivirus.red.es |
101.112.214.98 | alladdin.ru |
121.189.172.87 | aluriasoftware.com |
153.23.23.157 | analysis.seclab.tuwien.ac.at |
199.5.144.240 | andymanchesta.com |
138.1.89.216 | anti-virus-software-review.com |
90.145.115.205 | anti-virus.by |
123.235.155.208 | anti-virus.com |
237.217.19.103 | antirootkit.com |
175.213.220.11 | antispam.sunbeltsoftware.com |
127.102.246.0 | antispy.ru |
160.191.30.70 | antispyware.sunbeltsoftware.com |
18.174.150.153 | antivir.es |
145.169.95.129 | antiviraldp.com |
164.246.122.118 | antivirus-online.de |
197.147.161.120 | antivirus-tools.com |
243.130.25.15 | antivirus.about.com |
182.125.227.179 | antivirus.cai.com |
134.202.253.168 | antivirus.comodo.com |
166.104.104.238 | antivirus.hispavista.com |
24.86.225.65 | antivirus.sunbeltsoftware.com |
219.82.170.229 | antiy.net |
171.158.128.218 | anubis.iseclab.org |
204.60.236.33 | apac.trendmicro.com |
62.42.100.184 | ar.answers.yahoo.com |
188.38.45.92 | ar.atwola.com |
208.115.3.81 | arcabit.com |
241.16.111.151 | arcabit.pl |
99.255.231.234 | archive.bitdefender.com |
226.250.176.142 | arswp.com |
177.71.203.131 | arwww.fortinet.cz |
210.228.242.201 | asap.authentium.com |
68.211.106.28 | ashampoo.com |
7.206.52.4 | atazita.blogspot.com |
215.27.78.249 | atdmt.com |
247.185.117.251 | attechnical.com |
105.167.238.146 | atwola.com |
232.163.183.54 | au.mcafee.com |
252.239.209.43 | auditmypc.com |
29.141.249.114 | authentium.com |
143.123.181.197 | auwww.ealaddin.nl |
13.119.126.173 | avast-home.uptodown.com |
221.196.84.162 | avast.com |
254.97.192.164 | avast.ru |
112.12.56.59 | avg-antivirus.net |
51.75.1.223 | avg.com |
2.152.216.212 | avg.vo.llnwd.net |
35.53.67.26 | avgate.net |
149.224.187.109 | avgfrance.com |
20.31.133.17 | avhide.com |
40.108.159.6 | avira.com |
72.10.198.76 | avp.ch |
186.180.63.227 | avp.com |
57.244.8.135 | avp.ru |
9.64.34.124 | avpclub.ddns.info |
110.222.74.195 | avu.zonelabs.com |
156.136.194.22 | avx.rob-have.net |
94.200.139.186 | awaps.net |
46.21.165.175 | b-have.orgbitdefender-ar.com |
79.178.205.245 | babooforum.com.br |
193.93.137.140 | backup.comodo.com |
132.156.14.48 | baike.360.cn |
83.233.41.37 | baike.360.com |
116.134.148.107 | bakunos.com |
230.49.12.190 | banner.fastclick.net |
101.112.214.98 | banners.fastclick.net |
121.189.172.87 | baristamagazine.com |
153.23.23.157 | basetendencies.com |
199.5.144.240 | bbs.360.cn |
138.1.89.216 | bbs.360safe.cn |
90.145.115.205 | bbs.360safe.com |
123.235.155.208 | bbs.cfan.com.cn |
237.217.19.103 | bbs.cpcw.com |
175.213.220.11 | bbs.dswlab.com |
127.102.246.0 | bbs.duba.net |
160.191.30.70 | bbs.ikaka.com |
18.174.150.153 | bbs.janmeng.com |
145.169.95.129 | bbs.kafan.cn |
164.246.122.118 | bbs.kafan.com |
197.147.161.120 | bbs.kaspersky.com.cn |
243.130.25.15 | bbs.kpfans.com |
182.125.227.179 | bbs.mcafeefans.com |
134.202.253.168 | bbs.s-sos.net |
166.104.104.238 | bbs.sucop.com |
24.86.225.65 | bbs.taisha.org |
219.82.170.229 | bbs.trendmicro.com.cn |
171.158.128.218 | bbs.winzheng.com |
204.60.236.33 | bestofewan.com |
62.42.100.184 | beta.anti-virus.by |
188.38.45.92 | bg.virusblokada.com |
208.115.3.81 | bhsbees.com |
241.16.111.151 | bitcity.info |
99.255.231.234 | bitcity.org |
226.250.176.142 | bitdefender.co.uk |
177.71.203.131 | bitdefender.com |
210.228.242.201 | bitdefender.com.ua |
68.211.106.28 | bitdefender.es |
7.206.52.4 | bitdefender.org |
215.27.78.249 | bitdefender.secyber.net |
247.185.117.251 | bitdefenderchina.com |
105.167.238.146 | bitdefenderguatemala.com |
232.163.183.54 | bitdefendermalaysia.com |
252.239.209.43 | bitdefendertaiwan.com |
29.141.249.114 | bitdefenderuruguay.com |
143.123.181.197 | bitdefenderusa.com |
13.119.126.173 | biz.nprotect.com |
221.196.84.162 | bkav.com.vn |
254.97.192.164 | blackice.iss.net |
112.12.56.59 | bleedingthreats.net |
51.75.1.223 | bleepingcomputer.com |
2.152.216.212 | blitzblank.com |
171.189.203.162 | blog.hispasec.com |
29.104.67.245 | blog.threatfire.com |
156.167.13.153 | blog.titanium-jewelry.com |
176.244.39.142 | blog.trendmicro.com |
208.146.78.212 | blogs.icerocket.com |
66.60.199.107 | blogs.protegerse.com |
193.124.144.15 | blogschapines.com |
145.200.170.4 | boardreader.com |
246.102.210.74 | bobbondart.com |
36.16.74.158 | br.mcafee.com |
230.80.19.66 | br.trendmicro.com |
182.157.45.55 | brazil.kaspersky.com |
215.58.85.125 | buddy.bitdefender.com |
73.229.17.20 | bugs.clamav.net |
12.36.150.184 | buscafacil.com |
219.113.177.173 | buscalo.in |
252.14.28.243 | busco.in |
110.185.148.70 | buy.bitdefender-es.com |
237.248.94.234 | buy.bitdefender.com |
1.69.52.223 | buy.bitdefender.de |
33.159.159.37 | buy.drweb.com |
79.141.24.120 | buy.rising.com.cn |
18.137.225.96 | ca.com |
226.25.251.85 | cacomvip.ca.com |
3.115.35.87 | cai.com |
117.97.155.239 | canada.karuna-shechen.org |
55.93.100.147 | castlecops.com |
7.238.126.136 | castlecrops.com |
40.71.166.206 | ccslaughterspdx.com |
154.54.30.33 | cddchiangmai.net |
25.49.231.9 | cdn.atwola.com |
44.126.2.254 | center.rising.com.cn |
77.27.41.0 | centralcommand.com |
123.10.161.151 | cert.org |
62.5.107.59 | cfan.com.cn |
14.82.133.48 | cgi.clamav.net |
46.240.240.118 | changedetection.com |
160.222.105.201 | changelog.fr |
99.218.50.109 | channelpartner.trendmicro.com |
51.38.8.98 | chickensroamfree.com |
84.196.115.168 | chkrootkit.org |
198.178.236.64 | chollian.nprotect.co.kr |
68.174.181.228 | cisrt.org |
88.251.139.217 | cit.kookmin.ac.kr |
121.152.247.31 | clamav.net |
235.135.111.114 | clamwin.com |
106.130.56.22 | click.atdmt.com |
57.207.83.11 | clicks.atdmt.com |
90.108.122.81 | cloudprotection.pandasecurity.com |
204.91.242.164 | clubic.com |
143.86.188.140 | cmmings.cn |
95.163.214.129 | cn.mcafee.com |
127.65.253.131 | cn.sophos.com |
241.47.118.26 | cn.trendmicro.com |
112.43.63.190 | codehard.wordpress.com |
132.119.89.179 | cohartuk.com |
165.21.129.249 | commentcamarche.net |
23.3.61.77 | community.thaiware.com |
149.255.6.53 | comodo.com |
101.76.220.42 | company.drweb.com |
134.233.72.44 | company.hauri.co.kr |
248.148.192.195 | company.hauri.net |
187.211.137.103 | computing.net |
138.32.96.92 | comunidad.wilkinsonpc.com.co |
51.69.83.42 | configurarequipos.com |
165.240.203.125 | coresecurity.com |
36.47.149.33 | cou85.com |
56.124.175.22 | cowsmo.com |
88.26.214.92 | cpsecure.com |
202.196.79.243 | csc.rising.com.cn |
73.4.24.151 | cureit.ru |
25.80.50.140 | customer.symantec.com |
126.238.89.210 | customers.drweb.com |
172.152.210.38 | cutlines.org |
110.216.155.202 | cwsandbox.org |
62.36.181.191 | cybercrime.pandasecurity.com |
95.194.221.5 | cyberdefender.com |
209.109.153.156 | cybertechhelp.com |
148.172.30.64 | daboweb.com |
99.249.57.53 | daniloff.net |
132.150.164.123 | daniweb.com |
246.65.28.206 | darkclockers.com |
117.128.230.114 | dazhizhu.cn |
137.205.188.103 | de.bitdefender.com |
169.39.39.173 | de.mcafee.com |
215.21.160.0 | de.trendmicro.com |
154.17.105.232 | deckard.geekstogo.com |
106.161.131.221 | deerfield.com |
139.251.170.223 | defalcos.com |
253.233.35.119 | definitions.symantec.com |
191.229.236.27 | dell.symantec.com |
143.117.6.16 | demos.eset.es |
176.207.46.86 | descargas.eset.es |
34.190.166.169 | dev.depeuter.org |
161.185.111.145 | developmentdrums.org |
180.6.138.134 | dialognauka.ru |
213.163.177.136 | diamondcs.com.au |
3.146.41.31 | dicasweb.com.br |
198.141.243.195 | discussions.virtualdr.com |
150.218.13.184 | disk-encryption.comodo.com |
182.120.120.254 | dl.360safe.com |
40.102.241.81 | dl1.antivir-pe.com |
235.98.186.245 | dl1.antivir-pe.de |
187.174.144.234 | dl1.antivir.de |
220.76.251.48 | dl1.avgate.net |
78.58.116.200 | dl10.freeav.net |
204.54.61.108 | dl2.antivir-pe.com |
224.130.19.97 | dl2.antivir-pe.de |
1.32.127.167 | dl2.antivir.de |
115.15.247.250 | dl2.avgate.net |
242.10.192.158 | dl3.antivir-pe.de |
193.87.219.147 | dl3.antivir.de |
226.244.2.217 | dl3.avgate.net |
84.227.122.44 | dl4.antivir-pe.com |
23.222.68.20 | dl4.antivir-pe.de |
231.43.94.9 | dl4.antivir.de |
7.201.133.11 | dl4.avgate.net |
121.183.254.162 | dl5.avgate.net |
248.179.199.70 | dl6.avgate.net |
12.255.225.59 | dl7.avgate.net |
45.157.8.129 | dl8.avgate.net |
38.19.77.93 | dl8.freeav.net |
165.15.22.69 | dl9.avgate.net |
117.91.236.58 | dl9.freeav.net |
150.249.88.60 | dnl-cd1.kaspersky-labs.com |
8.164.208.211 | dnl-cd10.kaspersky-labs.com |
203.227.153.119 | dnl-cd11.kaspersky-labs.com |
154.48.112.108 | dnl-cd12.kaspersky-labs.com |
187.205.219.178 | dnl-cd13.kaspersky-labs.com |
45.120.83.5 | dnl-cd2.kaspersky-labs.com |
172.183.29.169 | dnl-cd3.kaspersky-labs.com |
192.4.55.158 | dnl-cd4.kaspersky-labs.com |
224.162.94.228 | dnl-cd5.kaspersky-labs.com |
82.76.215.123 | dnl-cd6.kaspersky-labs.com |
209.140.160.31 | dnl-cd7.kaspersky-labs.com |
161.216.186.20 | dnl-cd8.kaspersky-labs.com |
6.118.225.90 | dnl-cd9.kaspersky-labs.com |
51.32.90.174 | dnl-cn1.kaspersky-labs.com |
246.96.35.82 | dnl-cn10.kaspersky-labs.com |
198.172.61.71 | dnl-cn11.kaspersky-labs.com |
231.74.101.141 | dnl-cn12.kaspersky-labs.com |
89.245.33.36 | dnl-cn13.kaspersky-labs.com |
28.52.166.200 | dnl-cn14.kaspersky-labs.com |
235.129.193.189 | dnl-cn15.kaspersky-labs.com |
12.30.44.3 | dnl-cn2.kaspersky-labs.com |
126.201.164.86 | dnl-cn3.kaspersky-labs.com |
253.8.110.250 | dnl-cn4.kaspersky-labs.com |
17.85.68.239 | dnl-cn5.kaspersky-labs.com |
49.175.175.53 | dnl-cn6.kaspersky-labs.com |
95.157.40.136 | dnl-cn7.kaspersky-labs.com |
34.153.241.112 | dnl-cn8.kaspersky-labs.com |
242.41.11.101 | dnl-cn9.kaspersky-labs.com |
19.131.50.103 | dnl-eu1.kaspersky-labs.com |
132.113.171.254 | dnl-eu10.kaspersky-labs.com |
71.109.116.163 | dnl-eu11.kaspersky-labs.com |
23.253.142.152 | dnl-eu12.kaspersky-labs.com |
56.87.182.222 | dnl-eu13.kaspersky-labs.com |
170.70.46.49 | dnl-eu14.kaspersky-labs.com |
41.65.247.25 | dnl-eu15.kaspersky-labs.com |
60.142.18.14 | dnl-eu2.kaspersky-labs.com |
93.43.57.16 | dnl-eu3.kaspersky-labs.com |
139.26.177.167 | dnl-eu4.kaspersky-labs.com |
78.21.123.75 | dnl-eu5.kaspersky-labs.com |
30.98.149.64 | dnl-eu6.kaspersky-labs.com |
62.0.0.134 | dnl-eu7.kaspersky-labs.com |
176.238.121.217 | dnl-eu8.kaspersky-labs.com |
115.234.66.125 | dnl-eu9.kaspersky-labs.com |
67.54.24.114 | dnl-jp1.kaspersky-labs.com |
100.212.131.184 | dnl-jp10.kaspersky-labs.com |
213.194.252.79 | dnl-jp11.kaspersky-labs.com |
84.190.197.244 | dnl-jp12.kaspersky-labs.com |
104.10.155.233 | dnl-jp13.kaspersky-labs.com |
137.168.7.47 | dnl-jp14.kaspersky-labs.com |
251.151.127.130 | dnl-jp15.kaspersky-labs.com |
122.146.72.38 | dnl-jp2.kaspersky-labs.com |
73.223.99.27 | dnl-jp3.kaspersky-labs.com |
178.196.210.169 | dnl-jp4.kaspersky-labs.com |
36.179.74.252 | dnl-jp5.kaspersky-labs.com |
231.175.20.228 | dnl-jp6.kaspersky-labs.com |
183.251.46.217 | dnl-jp7.kaspersky-labs.com |
216.153.85.219 | dnl-jp8.kaspersky-labs.com |
73.135.206.114 | dnl-jp9.kaspersky-labs.com |
200.131.151.22 | dnl-kr1.kaspersky-labs.com |
220.207.177.12 | dnl-kr10.kaspersky-labs.com |
253.109.217.82 | dnl-kr11.kaspersky-labs.com |
111.92.149.165 | dnl-kr12.kaspersky-labs.com |
237.87.94.141 | dnl-kr13.kaspersky-labs.com |
189.164.53.130 | dnl-kr15.kaspersky-labs.com |
222.65.160.132 | dnl-kr2.kaspersky-labs.com |
80.236.24.27 | dnl-kr3.kaspersky-labs.com |
19.43.225.191 | dnl-kr4.kaspersky-labs.com |
227.120.184.180 | dnl-kr5.kaspersky-labs.com |
3.21.35.250 | dnl-kr6.kaspersky-labs.com |
117.192.155.77 | dnl-kr7.kaspersky-labs.com |
244.0.101.241 | dnl-kr8.kaspersky-labs.com |
8.76.127.230 | dnl-kr9.kaspersky-labs.com |
41.234.166.44 | dnl-ru1.kaspersky-labs.com |
154.148.31.195 | dnl-ru10.kaspersky-labs.com |
25.212.232.103 | dnl-ru11.kaspersky-labs.com |
233.32.2.93 | dnl-ru12.kaspersky-labs.com |
78.190.42.163 | dnl-ru13.kaspersky-labs.com |
124.105.162.246 | dnl-ru14.kaspersky-labs.com |
62.168.107.154 | dnl-ru15.kaspersky-labs.com |
14.245.134.143 | dnl-ru2.kaspersky-labs.com |
47.146.173.213 | dnl-ru3.kaspersky-labs.com |
161.61.105.108 | dnl-ru4.kaspersky-labs.com |
100.124.238.16 | dnl-ru5.kaspersky-labs.com |
52.201.9.5 | dnl-ru6.kaspersky-labs.com |
84.102.116.75 | dnl-ru7.kaspersky-labs.com |
198.17.236.158 | dnl-ru8.kaspersky-labs.com |
69.81.182.66 | dnl-ru9.kaspersky-labs.com |
89.157.140.55 | dnl-us1.kaspersky-labs.com |
122.247.247.125 | dnl-us10.kaspersky-labs.com |
167.229.112.208 | dnl-us11.kaspersky-labs.com |
106.225.57.184 | dnl-us12.kaspersky-labs.com |
58.113.83.174 | dnl-us13.kaspersky-labs.com |
91.203.123.176 | dnl-us14.kaspersky-labs.com |
205.186.243.71 | dnl-us15.kaspersky-labs.com |
143.181.188.235 | dnl-us2.kaspersky-labs.com |
95.70.215.224 | dnl-us3.kaspersky-labs.com |
128.159.254.38 | dnl-us4.kaspersky-labs.com |
242.142.118.121 | dnl-us5.kaspersky-labs.com |
113.137.63.97 | dnl-us6.kaspersky-labs.com |
133.214.90.86 | dnl-us7.kaspersky-labs.com |
165.115.129.88 | dnl-us8.kaspersky-labs.com |
91.234.129.119 | dnl-us9.kaspersky-labs.com |
30.230.75.27 | dougknox.com |
238.50.101.16 | down.360safe.cn |
15.208.208.86 | down.360safe.com |
128.190.73.169 | download.avg.com |
67.186.18.77 | download.bleepingcomputer.com |
19.6.232.67 | download.com |
52.164.84.137 | download.com.vn |
166.146.204.32 | download.eset.com |
36.142.149.196 | download.f-secure.com |
56.219.108.185 | download.mcafee.com |
89.120.215.255 | download.microsoft.com |
203.103.79.82 | download.microsoft.comguru0.grisoft.cz |
74.98.24.246 | download.nai.com |
26.175.51.235 | download.norman.no |
58.76.90.49 | download.rising.com.cn |
172.59.210.132 | download.softpedia.com |
111.55.156.108 | download.sysinternals.com |
63.131.182.97 | download0.avast.com |
96.33.221.99 | download1.avast.com |
209.15.86.250 | download1.emsisoft.com |
80.11.31.158 | download1.quickheal.com |
100.87.57.148 | download10.quickheal.com |
133.245.97.218 | download100.avast.com |
247.227.29.45 | download1us.softpedia.com |
117.223.230.21 | download2.avast.com |
69.44.189.10 | download2.quickheal.com |
102.201.40.12 | download200.avast.com |
216.116.160.163 | download201.avast.com |
155.179.105.71 | download202.avast.com |
107.0.64.60 | download203.avast.com |
139.157.171.130 | download204.avast.com |
253.72.35.213 | download205.avast.com |
124.136.237.121 | download206.avast.com |
144.212.7.110 | download207.avast.com |
177.114.46.180 | download208.avast.com |
34.28.167.75 | download209.avast.com |
161.92.112.239 | download210.avast.com |
113.168.138.229 | download211.avast.com |
214.70.178.43 | download212.avast.com |
4.240.42.126 | download213.avast.com |
198.48.243.34 | download214.avast.com |
150.125.14.23 | download3.avast.com |
183.26.189.229 | download3.quickheal.com |
177.77.121.124 | download4.avast.com |
116.140.254.32 | download4.emsisoft.com |
67.217.25.21 | download4.quickheal.com |
100.118.132.91 | download5.avast.com |
214.33.252.174 | download5.emsisoft.com |
85.97.198.82 | download5.quickheal.com |
105.173.156.71 | download501.avast.com |
138.7.7.141 | download502.avast.com |
183.245.128.224 | download503.avast.com |
122.241.73.200 | download504.avast.com |
74.129.99.189 | download505.avast.com |
107.219.139.192 | download511.avast.com |
221.201.3.87 | download512.avast.com |
159.197.204.251 | download513.avast.com |
111.86.231.240 | download514.avast.com |
144.175.14.54 | download515.avast.com |
2.158.134.137 | download516.avast.com |
129.153.79.113 | download535.avast.com |
148.230.106.102 | download6.avast.com |
181.131.145.104 | download6.quickheal.com |
227.114.9.255 | download600.avast.com |
166.110.211.163 | download601.avast.com |
118.186.237.152 | download602.avast.com |
151.88.88.222 | download603.avast.com |
8.70.209.49 | download604.avast.com |
203.66.154.213 | download605.avast.com |
155.142.112.202 | download606.avast.com |
188.44.220.17 | download607.avast.com |
46.26.84.168 | download608.avast.com |
172.22.29.76 | download609.avast.com |
192.99.244.65 | download617.avast.com |
225.0.95.135 | download618.avast.com |
83.239.215.218 | download619.avast.com |
210.234.160.126 | download620.avast.com |
161.55.187.115 | download621.avast.com |
194.212.226.185 | download622.avast.com |
52.195.90.12 | download623.avast.com |
247.191.36.244 | download624.avast.com |
199.11.62.233 | download625.avast.com |
232.169.101.235 | download626.avast.com |
89.151.222.130 | download627.avast.com |
216.147.167.38 | download628.avast.com |
236.223.193.27 | download629.avast.com |
13.125.233.98 | download630.avast.com |
127.107.165.181 | download631.avast.com |
253.103.110.157 | download632.avast.com |
205.180.69.146 | download633.avast.com |
118.217.56.28 | download634.avast.com |
232.132.176.179 | download635.avast.com |
171.195.121.87 | download636.avast.com |
122.16.80.76 | download637.avast.com |
155.173.187.146 | download638.avast.com |
13.88.51.229 | download639.avast.com |
140.151.253.137 | download640.avast.com |
160.228.23.126 | download641.avast.com |
193.130.62.196 | download642.avast.com |
50.44.183.91 | download643.avast.com |
177.108.128.255 | download644.avast.com |
129.184.154.244 | download645.avast.com |
230.86.194.59 | download646.avast.com |
20.0.58.142 | download647.avast.com |
214.64.3.50 | download648.avast.com |
166.141.29.39 | download649.avast.com |
199.42.69.109 | download650.avast.com |
57.213.1.4 | download651.avast.com |
252.20.134.168 | download652.avast.com |
203.97.161.157 | download653.avast.com |
236.254.12.227 | download654.avast.com |
94.169.132.54 | download655.avast.com |
221.232.78.218 | download656.avast.com |
241.53.36.207 | download658.avast.com |
18.143.143.21 | download659.avast.com |
63.125.8.104 | download660.avast.com |
2.121.209.80 | download661.avast.com |
210.9.235.69 | download662.avast.com |
243.99.19.72 | download663.avast.com |
101.81.139.223 | download664.avast.com |
39.77.84.131 | download665.avast.com |
247.222.110.120 | download666.avast.com |
24.55.150.190 | download667.avast.com |
138.38.14.17 | download668.avast.com |
9.33.215.249 | download669.avast.com |
28.110.242.238 | download670.avast.com |
5.211.225.184 | download671.avast.com |
51.194.89.79 | download672.avast.com |
246.189.34.243 | download673.avast.com |
197.10.61.232 | download674.avast.com |
230.167.168.46 | download675.avast.com |
88.150.32.129 | download676.avast.com |
27.146.234.37 | download677.avast.com |
235.222.192.26 | download678.avast.com |
12.124.43.96 | download679.avast.com |
125.106.164.247 | download680.avast.com |
252.102.109.155 | download681.avast.com |
16.178.67.145 | download682.avast.com |
49.80.175.215 | download683.avast.com |
163.62.39.42 | download684.avast.com |
33.58.240.206 | download685.avast.com |
241.135.11.195 | download686.avast.com |
18.36.50.9 | download687.avast.com |
132.19.170.92 | download688.avast.com |
71.14.115.68 | download689.avast.com |
22.91.142.57 | download690.avast.com |
55.248.181.59 | download691.avast.com |
169.231.45.210 | download692.avast.com |
40.227.247.118 | download693.avast.com |
60.47.17.107 | download694.avast.com |
93.205.56.177 | download695.avast.com |
206.187.245.4 | download696.avast.com |
77.183.190.236 | download697.avast.com |
29.3.148.226 | download698.avast.com |
62.161.0.228 | download699.avast.com |
176.75.120.123 | download7.avast.com |
114.139.65.31 | download7.quickheal.com |
66.216.24.20 | download700.avast.com |
99.117.131.90 | download701.avast.com |
213.32.251.173 | download702.avast.com |
84.95.196.81 | download703.avast.com |
103.172.223.70 | download704.avast.com |
136.73.6.140 | download705.avast.com |
250.244.126.35 | download706.avast.com |
121.52.72.199 | download707.avast.com |
73.128.98.188 | download708.avast.com |
174.30.137.2 | download709.avast.com |
219.200.2.85 | download72.avast.com |
158.8.203.249 | download73.avast.com |
110.84.229.239 | download74.avast.com |
143.242.13.53 | download75.avast.com |
1.156.201.204 | download76.avast.com |
195.220.78.112 | download77.avast.com |
147.41.105.101 | download78.avast.com |
180.198.212.171 | download79.avast.com |
38.113.76.254 | download8.quickheal.com |
165.176.21.162 | download80.avast.com |
184.253.236.151 | download81.avast.com |
217.86.87.221 | download82.avast.com |
7.69.207.48 | download83.avast.com |
202.65.153.24 | download84.avast.com |
154.209.179.13 | download85.avast.com |
187.43.218.15 | download9.quickheal.com |
44.25.83.166 | download900.avast.com |
239.21.28.74 | download901.avast.com |
191.165.54.64 | download902.avast.com |
224.255.94.134 | download903.avast.com |
82.237.214.217 | download904.avast.com |
208.233.159.193 | download905.avast.com |
228.54.186.182 | download906.avast.com |
5.211.225.184 | download907.avast.com |
51.194.89.79 | download908.avast.com |
246.189.34.243 | download909.avast.com |
197.10.61.232 | download91.avast.com |
110.47.48.182 | download910.avast.com |
224.30.168.9 | download911.avast.com |
163.26.114.173 | download912.avast.com |
115.102.72.162 | download913.avast.com |
148.4.179.232 | download914.avast.com |
5.242.44.127 | download915.avast.com |
132.238.245.35 | download916.avast.com |
152.58.203.24 | download917.avast.com |
185.216.55.95 | download918.avast.com |
43.198.175.178 | download919.avast.com |
169.194.120.86 | download92.avast.com |
121.15.146.75 | download920.avast.com |
154.172.186.145 | download921.avast.com |
12.155.50.228 | download922.avast.com |
207.150.251.204 | download923.avast.com |
158.227.22.193 | download924.avast.com |
191.128.61.195 | download925.avast.com |
49.111.181.90 | download926.avast.com |
176.107.127.254 | download927.avast.com |
196.183.153.243 | download928.avast.com |
229.85.192.57 | download929.avast.com |
86.67.125.140 | download93.avast.com |
213.63.70.116 | download930.avast.com |
165.139.28.105 | download931.avast.com |
198.41.136.108 | download932.avast.com |
56.211.0.3 | download933.avast.com |
250.19.201.167 | download934.avast.com |
202.96.160.156 | download935.avast.com |
235.253.11.226 | download936.avast.com |
93.168.131.53 | download937.avast.com |
220.231.76.217 | download938.avast.com |
239.52.103.206 | download939.avast.com |
16.209.142.20 | download94.avast.com |
130.124.6.171 | download940.avast.com |
1.188.208.79 | download941.avast.com |
209.8.234.68 | download942.avast.com |
54.166.17.138 | download943.avast.com |
99.80.138.221 | download944.avast.com |
38.144.83.129 | download945.avast.com |
246.220.109.118 | download946.avast.com |
23.122.149.189 | download947.avast.com |
137.36.81.84 | download948.avast.com |
75.100.214.248 | download949.avast.com |
27.177.241.237 | download95.avast.com |
60.78.92.51 | download950.avast.com |
174.249.212.134 | download951.avast.com |
45.56.157.42 | download952.avast.com |
64.133.116.31 | download953.avast.com |
97.222.223.101 | download954.avast.com |
143.205.87.184 | download955.avast.com |
82.201.33.160 | download956.avast.com |
34.89.59.149 | download957.avast.com |
67.179.98.151 | download958.avast.com |
180.161.219.46 | download959.avast.com |
119.157.164.210 | download96.avast.com |
71.45.190.199 | download960.avast.com |
104.135.230.14 | download961.avast.com |
218.117.94.97 | download962.avast.com |
88.113.39.73 | download963.avast.com |
108.190.65.62 | download964.avast.com |
141.91.105.64 | download965.avast.com |
187.74.225.215 | download966.avast.com |
126.69.170.123 | download967.avast.com |
77.146.197.112 | download968.avast.com |
110.47.48.182 | download969.avast.com |
224.30.168.9 | download97.avast.com |
163.26.114.173 | download970.avast.com |
115.102.72.162 | download971.avast.com |
148.4.179.232 | download972.avast.com |
5.242.44.127 | download973.avast.com |
132.238.245.35 | download974.avast.com |
32.194.83.160 | download975.avast.com |
65.96.191.231 | download976.avast.com |
179.78.55.58 | download977.avast.com |
49.74.0.222 | download978.avast.com |
1.151.26.211 | download979.avast.com |
34.52.66.25 | download98.avast.com |
148.35.186.108 | download980.avast.com |
87.30.131.84 | download99.avast.com |
38.107.158.73 | downloads-eu1.kaspersky-labs.com |
71.8.197.75 | downloads-eu2.kaspersky-labs.com |
185.247.61.226 | downloads-eu3.kaspersky-labs.com |
56.242.7.134 | downloads-eu4.kaspersky-labs.com |
76.63.33.123 | downloads-us1.kaspersky-labs.com |
109.221.72.193 | downloads-us2.kaspersky-labs.com |
222.203.5.20 | downloads-us3.kaspersky-labs.com |
93.199.206.252 | downloads-us4.kaspersky-labs.com |
45.19.164.241 | downloads.andymanchesta.com |
78.177.16.244 | downloads.malwarebytes.org |
192.91.136.139 | downloads.microsoft.com |
130.155.81.47 | downloads.My-eTrust.com |
82.232.39.36 | downloads1.kaspersky-labs.com |
115.133.147.106 | downloads2.kaspersky-labs.com |
229.48.11.189 | downloads3.kaspersky-labs.com |
100.111.212.97 | downloads4.kaspersky-labs.com |
119.188.239.86 | downloads5.kaspersky-labs.com |
152.89.22.156 | dr-web-cureit.softonic.com |
10.4.142.51 | drsolomon.com |
137.67.88.215 | drweb-inside.com |
89.144.114.204 | drweb.com |
190.46.153.18 | drweb.com.es |
235.216.18.101 | drweb.net |
174.24.219.9 | drwebinside.com |
126.100.245.254 | dswlab.com |
159.2.29.69 | duba.net |
17.172.217.220 | ealaddin.net |
211.236.94.128 | ealaddin.orgeshop.aladdin.com |
163.57.120.117 | easy-vpn.comodo.com |
196.214.228.187 | edm.symantec.com |
54.129.92.14 | education.symantec.com |
181.192.37.178 | eeload.com |
200.13.252.167 | eeye.com |
233.102.103.237 | eicar.org |
23.85.223.64 | elblogdemanu.com |
218.80.169.40 | elitepvpers.de |
170.225.195.29 | emea.trendmicro.com |
203.59.234.31 | emsisoft.com |
60.41.99.182 | emsisoft.de |
255.37.44.90 | encarta.msn.com |
207.181.70.79 | engine.awaps.net |
240.15.110.150 | enterprisesecur.symantec.com |
98.253.230.233 | eos.eset.es |
224.249.175.209 | eradicatespyware.net |
244.70.201.198 | es.answers.yahoo.com |
21.227.241.200 | es.kioskea.net |
67.210.105.95 | es.mcafee.com |
6.205.50.3 | es.trendmicro.com |
213.26.77.248 | es.wasalive.com |
246.183.184.62 | esafe.com |
104.166.48.145 | esecurity.livecall.co.kr |
43.161.250.53 | eset-la.com |
131.118.88.178 | eset.com |
163.20.195.248 | eset.es |
21.2.60.143 | eset.sk |
148.254.5.51 | esp.sophos.com |
168.74.219.40 | espanol.answers.yahoo.com |
201.232.71.110 | espanol.dir.groups.yahoo.com |
59.214.191.194 | espanol.groups.yahoo.com |
185.210.136.102 | esupport.trendmicro.com |
137.31.162.91 | et.symantec.com |
170.188.202.161 | etrr.co.uk |
28.171.66.244 | eugrantsadvisor.cz |
223.166.11.220 | eugrantsadvisor.de |
174.243.38.209 | eval.symantec.com |
207.144.77.211 | ewido.net |
65.127.197.106 | exchangeyourcareer.net |
192.122.143.14 | experts-exchange.com |
212.199.169.3 | f-prot.com |
244.101.208.73 | f-secure.com |
102.83.141.156 | f-secure.frf-secure.hk |
229.79.86.132 | f-secure.nlfsecure.com |
181.155.44.121 | fastclick.net |
214.57.152.124 | feedage.com |
72.227.16.19 | feeds.sophos.com |
10.35.217.183 | feeds.trendmicro.com |
218.112.175.172 | file.ikaka.cn |
251.13.27.242 | file.ikaka.com |
109.184.147.69 | file.net |
236.247.92.233 | files.avast.com |
255.68.119.222 | files.filefont.com |
32.225.158.36 | files.trendmicro-europe.com |
146.140.22.187 | filseclab.com |
17.203.224.95 | final4ever.com |
225.24.250.84 | finjan.com |
69.182.33.154 | firewall.sunbeltsoftware.com |
115.96.154.237 | firewallguide.com |
54.160.99.145 | fixmyim.com |
6.236.125.134 | foro.ethek.com |
39.138.165.205 | foros.toxico-pc.com |
153.52.97.100 | foros.zonavirus.com |
91.116.230.8 | forospanish.com |
43.193.0.253 | forospyware.com |
76.94.108.67 | forospyware.es |
190.9.228.150 | fortiguardcenter.com |
61.72.173.58 | fortihero.com |
80.149.132.47 | fortilog.com |
113.238.239.117 | fortinet.co.at |
159.221.103.200 | fortinet.com |
98.216.49.176 | fortiprotect.com |
122.177.147.237 | fortiwifi.com |
155.11.186.239 | forum.clubedohardware.com.br |
12.249.51.134 | forum.emsisoft.com |
207.245.252.43 | forum.hardware.fr |
159.133.22.32 | forum.hijackthis.de |
192.223.62.102 | forum.ikaka.com |
50.206.182.185 | forum.jiangmin.com |
177.201.127.161 | forum.kaspersky.com |
196.22.154.150 | forum.malekal.com |
229.179.193.152 | forum.piriform.com |
19.162.57.47 | forum.securitycadets.com |
214.157.3.211 | forum.sysinternals.com |
166.234.29.200 | forum.telecharger.01net.com |
198.136.136.14 | forum.tweaks.com |
56.118.0.97 | forum.zazana.com |
251.114.202.5 | forums.cnet.com |
203.190.160.250 | forums.comodo.com |
236.92.11.64 | forums.devshed.com |
93.74.132.215 | forums.maddoktor2.com |
220.70.77.124 | forums.majorgeeks.com |
240.146.35.113 | forums.techguy.org |
17.48.143.183 | forums.whatthetech.com |
131.31.7.10 | fr.bitdefender.com |
2.26.208.174 | fr.drweb.com |
209.103.235.163 | fr.mcafee.com |
242.4.18.233 | fr.trendmicro.com |
100.243.138.60 | fr1.drweb.com |
39.238.84.36 | fr2.drweb.com |
247.59.110.25 | fr3.drweb.com |
23.217.149.27 | fr4.drweb.com |
137.199.13.178 | fr5.drweb.com |
8.195.215.86 | fr6.drweb.com |
28.15.241.75 | fr7.drweb.com |
61.173.24.145 | fractus.mat.uson.mx |
174.155.213.228 | free-av.com |
45.151.158.205 | free-av.net |
253.227.116.194 | free.antivirus.com |
30.129.224.196 | free.avg.com |
144.44.88.91 | free.drweb.com |
83.107.33.255 | free.grisoft.com |
34.184.248.244 | free.grisoft.cz |
67.85.99.58 | free.pandasecurity.com |
181.0.219.141 | free.prevx.com |
52.63.165.49 | free.tinypicbox.com |
72.140.191.38 | freeav.com |
104.42.230.108 | freeav.net |
218.212.94.3 | freespywareremoval.info |
89.20.40.167 | frisk-software.com |
41.96.66.156 | fsc.norman.com |
142.254.105.226 | fsecure.nlwebyard.com |
187.168.226.53 | ftp.avp.com |
126.232.171.218 | ftp.bitdefender.com |
78.52.197.207 | ftp.ca.co |
111.210.237.21 | ftp.ca.com |
225.125.169.172 | ftp.customer.symantec.com |
164.188.46.80 | ftp.dispatch.mcafee.com |
115.9.73.69 | ftp.download.mcafee.com |
148.166.180.139 | ftp.downloads-eu1.kaspersky-labs.com |
6.81.44.222 | ftp.downloads-eu2.kaspersky-labs.com |
133.144.246.130 | ftp.downloads-eu3.kaspersky-labs.com |
153.221.204.119 | ftp.downloads-eu4.kaspersky-labs.com |
185.55.55.189 | ftp.downloads-us1.kaspersky-labs.com |
231.37.175.16 | ftp.downloads-us2.kaspersky-labs.com |
170.33.121.248 | ftp.downloads-us3.kaspersky-labs.com |
122.177.147.237 | ftp.downloads-us4.kaspersky-labs.com |
155.11.186.239 | ftp.downloads1.kaspersky-labs.com |
12.249.51.134 | ftp.downloads2.kaspersky-labs.com |
207.245.252.43 | ftp.downloads3.kaspersky-labs.com |
159.133.22.32 | ftp.downloads4.kaspersky-labs.com |
192.223.62.102 | ftp.drweb.com |
50.206.182.185 | ftp.esafe.com |
177.201.7.41 | ftp.europe.f-secure.com |
76.158.34.30 | ftp.f-prot.com |
109.59.73.32 | ftp.f-secure.com |
155.42.193.183 | ftp.grisoft.com |
94.37.139.91 | ftp.kaspersky-labs.com |
46.114.165.80 | ftp.kaspersky.com |
78.15.16.150 | ftp.kasperskylab.ru |
192.254.136.233 | ftp.liveupdate.symantec.com |
131.250.82.141 | ftp.liveupdate.symantecliveupdate.com |
83.70.40.130 | ftp.mast.mcafee.com |
116.228.147.200 | ftp.mcafee.com |
229.210.12.95 | ftp.microworldsystems.com |
100.206.213.4 | ftp.my-etrust.com |
120.26.171.249 | ftp.nai.com |
153.184.23.63 | ftp.networkassociates.com |
11.167.143.146 | ftp.norton.com |
138.162.88.54 | ftp.rads.mcafee.com |
89.239.115.43 | ftp.sandbox.norman.com |
122.140.154.113 | ftp.secure.nai.com |
236.123.18.196 | ftp.securityresponse.symantec.com |
175.118.220.172 | ftp.sophos.com |
127.195.246.161 | ftp.symantec.com |
159.96.29.163 | ftp.symantecliveupdate.com |
17.79.149.58 | ftp.symatec.com |
144.75.95.222 | ftp.trendmicro.com |
164.151.121.211 | ftp.uk.trendmicro-europe.com |
197.53.160.25 | ftp.update.symantec.com |
54.35.93.108 | ftp.updates.symantec.com |
181.31.38.85 | ftp.updates1.kaspersky-labs.com |
133.107.252.74 | ftp.updates2.kaspersky-labs.com |
166.9.104.76 | ftp.updates3.kaspersky-labs.com |
24.180.224.227 | ftp.updates4.kaspersky-labs.com |
218.243.169.135 | ftp.us.mcafee.com |
170.64.128.124 | ftp.viruslist.com |
203.221.235.194 | funkytoad.com |
61.136.99.21 | futurenow.bitdefender.com |
188.199.45.65 | fw.rising.com.cn |
88.156.207.54 | fx.dk |
120.57.246.124 | gangbang.mytijn.org |
234.228.110.19 | gdata.de |
105.36.56.183 | gdata.es |
57.112.82.172 | gecadsoftware.com |
158.14.121.242 | geekstogo.com |
203.184.242.69 | global.ahnlab.com |
142.248.187.233 | global.jiangmin.com |
94.68.213.223 | global.nprotect.com |
127.226.253.37 | go.mcafee.com |
241.141.185.188 | go.microsoft.com |
179.204.62.96 | go.rising.com.cn |
131.25.89.85 | go.sunbeltsoftware.com |
164.182.196.155 | go.symantec.com |
22.97.60.238 | go.trendmicro.com |
149.160.6.146 | greatis.com |
169.237.220.135 | grisoft.com |
201.70.71.205 | grisoft.cz |
247.53.191.32 | grv.microsoft.com |
186.49.137.8 | guiadohardware.net |
138.193.163.253 | guru.avg.com |
171.27.202.255 | guru1.grisoft.cz |
28.9.67.150 | guru2.grisoft.cz |
223.5.12.58 | guru3.grisoft.cz |
175.149.38.48 | guru4.grisoft.cz |
208.239.78.118 | guru5.grisoft.cz |
66.222.198.201 | gwava.nl |
192.217.143.177 | hacksoft.com.pe |
212.38.170.166 | hacksoft.pe |
245.195.209.48 | halmapr.com |
171.58.209.199 | hauri.co.kr |
110.53.154.107 | hauri.net |
62.130.181.96 | haurijapan.com |
94.31.32.166 | help.rising.com.cn |
208.14.152.249 | hi.baidu.com |
147.10.98.157 | hijackthis.de |
99.86.56.146 | hijackthis.download3000.com |
132.244.163.216 | hishomeforchildren.com |
245.226.28.111 | hjt-data.trend-braintree.com |
116.222.229.19 | hjt.networktechs.com |
136.42.187.9 | home.mcafee.com |
169.200.39.79 | hostedmailsecur.symantec.com |
27.182.159.162 | hotshare.net |
153.178.104.70 | housecall.com |
105.255.131.59 | housecall.trendmicro.com |
138.156.170.129 | housecall60.trendmicro.com |
252.139.34.212 | housecall65.trendmicro.com |
191.134.235.188 | howsafeismypc.com |
143.211.6.177 | huaifai.go.th |
175.112.45.179 | i-vault.comodo.com |
33.95.165.74 | iavs.cz |
160.91.111.238 | ibusca.me |
180.167.137.227 | idauthority.com |
213.69.176.41 | ids.kaspersky-labs.com |
70.51.109.124 | ieupdate.gdata.de |
197.47.54.100 | ieupdate1.gdata.de |
149.123.12.90 | ieupdate2.gdata.de |
182.25.120.92 | ieupdate3.gdata.de |
239.139.184.186 | ieupdate4.gdata.de |
178.203.129.95 | ieupdate5.gdata.de |
130.23.87.84 | ieupdate6.gdata.de |
163.181.195.154 | ikaka.cn |
21.96.59.237 | ikaka.com |
147.159.4.145 | ikarus.at |
167.236.31.134 | ikarus.net |
200.137.70.204 | ilove.tigolbittys.info |
58.52.190.99 | images.kaspersky.com |
185.115.136.7 | in.answers.yahoo.com |
137.192.162.252 | incodesolutions.com |
237.93.201.66 | info.drweb.com |
27.8.65.149 | info.prevx.com |
222.72.11.57 | infos-du-net.com |
174.148.37.46 | infosecpodcast.com |
207.50.76.116 | infospyware.com |
64.220.9.11 | inicioid.com |
3.28.142.176 | iniciorapido.info |
211.104.168.165 | inline-software.de |
244.6.20.235 | internetsecurity.comodo.com |
102.177.140.62 | intranet.cidiroax.ipn.mx |
228.240.85.226 | investor.symantec.com |
248.61.44.215 | irc.bigshitsandwich.org |
25.150.151.29 | irc.metraiciono.com |
71.133.15.112 | iseclab.org |
10.128.217.88 | isotopecomics.com |
98.153.123.213 | iss.net |
130.242.162.215 | it.answers.yahoo.com |
244.225.26.110 | it.bitdefender.com |
183.221.228.18 | it.mcafee.com |
135.109.254.7 | it.trendmicro.com |
168.199.37.77 | itw.trendmicro.com |
25.181.158.160 | ixomodels.com |
152.177.103.136 | ixostore.ixomodels.com |
172.253.129.126 | javacoolsoftware.com |
205.155.169.128 | jetico.com |
251.138.33.23 | jiangmin.com |
189.133.234.187 | jiangmin.com.cn |
141.210.5.176 | jobs.bitdefender.com |
174.111.112.246 | jotti.org |
32.94.232.73 | jp.mcafee.com |
227.89.177.237 | jp.trendmicro.com |
179.166.136.226 | justfacebook.net |
211.67.243.40 | k-otik.com |
69.50.107.191 | k7computing.com |
196.46.53.99 | kaba.360.cn |
216.122.11.88 | kaba.360.com |
249.24.118.158 | karuna-shechen.org |
106.6.239.241 | kaspersky-fr.com |
233.2.184.149 | kaspersky-labs.com |
65.214.90.19 | kaspersky.co.jp |
98.116.130.89 | kaspersky.co.uk |
212.98.250.172 | kaspersky.com |
150.94.195.148 | kaspersky.com.cn |
102.171.222.137 | kaspersky.dk |
135.72.5.139 | kaspersky.es |
249.55.125.34 | kaspersky.gr |
120.50.70.198 | kaspersky.pl |
140.127.97.187 | kaspersky.ru |
172.28.136.1 | kaspersky.se |
30.11.68.84 | kasperskylab.co.kr |
157.7.14.60 | kasperskylab.nl |
109.83.228.49 | kav.ru |
142.241.79.51 | kav.zonelabs.com |
255.155.200.202 | kb.bitdefender.com |
194.219.145.110 | kb.bitdefender.de |
146.39.103.100 | kb.bitdefender.us |
179.197.211.170 | kerio.com |
37.111.75.253 | kimzimmer.net |
163.175.20.161 | kioskea.net |
183.252.47.150 | kpfans.com |
216.153.86.220 | kr.ahnlab.com |
74.68.206.115 | kr.sophos.com |
201.131.151.23 | krupunmai.com |
153.208.178.12 | kvup.jiangmin.com |
253.109.217.82 | kztechs.com |
43.24.81.165 | l33t.shadow-mods.net |
238.88.27.73 | la.trendmicro.com |
190.164.53.62 | ladooscuro.es |
223.66.92.132 | laneros.com |
216.116.161.163 | latam.kaspersky.com |
155.180.38.71 | latin.bitdefender.com |
107.0.64.60 | lavasoft.com |
140.158.172.131 | lavasoft.nu |
254.72.36.214 | lavasoftusa.com |
124.136.237.122 | lexikon.ikarus.at |
144.213.196.111 | license.drweb.com |
177.46.47.181 | linhadefensiva.org |
223.29.167.8 | linhadefensiva.uol.com.br |
162.24.112.240 | linux.bitdefender.com |
113.169.139.229 | lists.clamav.net |
146.2.178.231 | liutilities.com |
4.241.42.126 | live.sunbeltsoftware.com |
199.237.244.34 | liveprotect.net |
151.125.14.23 | liveupdate.symantec.com |
184.215.53.93 | liveupdate.symantec.d4p.net |
41.197.174.176 | liveupdate.symantecliveupdate.com |
168.193.119.152 | looknstop.com |
188.13.145.141 | lovings.technigoyous.net |
221.171.185.144 | lurker.clamav.net |
11.153.49.39 | mailcenter.rising.com |
22.221.66.19 | mailcenter.rising.com.cn |
229.42.93.8 | majorgeeks.com |
6.199.200.78 | mall.hauri.co.kr |
120.182.64.161 | malwarebytes.org |
59.177.10.69 | malwarecity.com |
11.254.224.58 | malwarecity.netmalwarecity.org |
43.156.75.128 | malwaredomainlist.com |
157.138.196.23 | malwarepedia.com |
28.134.141.187 | malwareremoval.com |
48.210.99.176 | malwarescan.emsisoft.com |
81.112.206.246 | malwarescan.emsisoft.de |
195.94.71.74 | malwarescan.emsisoft.es |
65.90.16.238 | mamutu.com |
17.167.42.227 | manuelruvalcaba.com |
50.68.82.41 | marian.symantec.com |
164.51.202.124 | mast.mcafee.com |
103.46.147.100 | mcafee-at-home.com |
54.123.174.89 | mcafee.com |
87.24.213.91 | mcafeeb2b.com |
201.7.77.242 | mcafeefans.com |
72.2.23.150 | mcafeeretail.com |
92.79.49.139 | mcaffee.com |
124.237.88.209 | me.kaspersky.com |
238.219.21.36 | media.fastclick.net |
109.215.222.12 | megasecurity.org |
61.35.180.1 | merijn.org |
94.193.31.3 | metascan-online.com |
208.107.152.155 | microsoft.com |
146.171.97.63 | microsoft.fr |
98.248.55.52 | midescargas.com |
131.149.163.122 | mirror02.gdata.de |
245.64.27.205 | misec.net |
116.127.228.113 | mmsk.cn |
135.204.255.102 | moneybookers.com |
168.105.38.172 | moosoft.com |
26.20.158.67 | mop.pandasecurity.com |
33.219.240.111 | mostz.com |
241.40.10.100 | mozilla-hispano.org |
85.198.49.170 | msdn.microsoft.com |
131.112.170.253 | msk.drweb.com |
70.176.115.161 | msk1.drweb.com |
22.252.141.150 | msk2.drweb.com |
55.154.180.220 | msk3.drweb.com |
169.68.113.116 | msk4.drweb.com |
107.132.246.24 | msk5.drweb.com |
59.208.16.13 | msk6.drweb.com |
92.110.124.83 | msk7.drweb.com |
206.25.244.166 | msncleaner.softonic.com |
77.88.189.74 | msnfix.changelog.fr |
96.165.148.63 | msnvirusremoval.com |
129.254.255.133 | msr.mcafee.com |
175.237.119.216 | mvps.org |
114.232.65.192 | mx.answers.yahoo.com |
66.121.91.181 | mx.mcafee.com |
98.211.130.183 | mxttchina.com |
212.193.251.78 | my-etrust.com |
151.189.196.242 | my.drweb.com |
103.77.222.231 | mygeekside.com |
136.167.5.45 | nabble.com |
249.149.126.129 | nai.com |
120.145.71.105 | natsko.com |
140.221.97.94 | naturesimages.net |
173.123.137.96 | net-security.org |
219.106.1.247 | network.drweb.com |
158.101.202.155 | networkassociates.com |
245.58.109.24 | networkassociates.nai.com |
22.215.216.94 | networkworld.com |
136.198.80.177 | neunet.orgnews.bitdefender.com |
75.193.26.85 | new-beta.drweb.com |
27.14.240.74 | new-company.drweb.com |
59.172.91.144 | new-estore.drweb.com |
173.154.212.39 | new-forum.drweb.com |
44.150.157.203 | new-partners.drweb.com |
64.226.115.192 | new-solutions.drweb.com |
97.128.222.6 | new-support.drweb.com |
210.110.87.89 | new-www.drweb.com |
81.106.32.254 | new.taringa.net |
33.182.58.243 | news.drweb.com |
66.84.98.57 | newsletters.trendmicro.com |
180.67.218.140 | niueight.norman.no |
119.62.163.116 | niufive.norman.no |
70.139.190.105 | niufour.norman.no |
103.40.229.107 | niunine.norman.no |
217.23.93.2 | niuone.norman.no |
88.18.39.166 | niuseven.norman.no |
108.95.65.155 | niusix.norman.no |
140.253.104.225 | niuthree.norman.no |
254.235.37.52 | niutwo.norman.no |
125.231.238.28 | nl.bitdefender.com |
77.51.196.17 | noadware.net |
110.209.47.19 | nod32.co.uk |
223.123.168.170 | nod32.com |
162.187.113.79 | nod32.datsec.de |
114.7.71.68 | nod32.lu |
147.165.179.138 | nod32.ru |
5.80.43.221 | norman.com |
132.143.244.129 | norton.com |
151.220.15.118 | notifier.antivir-pe.de |
184.121.54.68 | novirusthanks.org |
178.172.54.219 | nprobeta.norman.com |
49.235.0.127 | nprotect.com |
1.56.26.116 | nprotect.net |
101.213.65.186 | nprotect.seoul.go.kr |
147.128.185.13 | nsclean.com |
86.192.131.177 | ntfaq.co.kr |
38.12.157.166 | obscgi.mcafee.com |
71.170.196.236 | oem.sunbeltsoftware.com |
184.84.129.131 | offensivecomputing.net |
123.148.6.40 | office.microsoft.com |
75.224.32.29 | oldtimer.geekstogo.com |
108.126.140.99 | one.tinypicbox.com |
222.41.4.182 | onecare.live.com |
93.104.205.90 | online-backup.comodo.com |
112.181.164.79 | online.jiangmin.com |
145.14.15.149 | online.rising.com.cn |
191.253.135.232 | onlinecheck.emsisoft.com |
130.248.81.208 | onlinecheck.emsisoft.de |
82.137.107.197 | onlinecheck.emsisoft.net |
114.227.146.199 | onlinecheck.emsisoft.org |
228.209.10.94 | onlinescan.avast.com |
167.205.212.2 | openantivirus.org |
119.93.238.247 | outpost.pl |
152.183.21.61 | ozzu.com |
9.165.142.144 | p3dev.taringa.net |
136.161.87.121 | pandalabs.pandasecurity.com |
101.183.59.55 | pandasecurity.com |
134.84.98.57 | pandasoftware.com |
180.67.218.208 | pandasoftware.es |
119.62.164.116 | pantip.com |
71.139.190.105 | pcav.cn |
103.41.41.175 | pccreg.antivirus.com |
217.23.162.2 | pccreg.trendmicro.com |
156.19.107.166 | pcentraide.com |
108.95.65.155 | pcguide.com |
141.253.172.225 | pchell.com |
254.235.37.121 | pcinternetpatrol.com |
125.231.238.29 | pcsupportadvisor.com |
145.51.196.18 | pctools.com |
178.209.48.88 | pda.drweb.com |
36.192.168.171 | pedidos.protegerse.com |
163.187.113.79 | personal.psu.edu |
250.144.20.204 | personalfirewall.comodo.com |
27.45.59.18 | pestpatrol.com |
141.28.179.101 | pg.hauri.net |
80.23.125.77 | phx.corporate-ir.net |
32.100.151.66 | pineleafboys.com |
64.2.190.68 | podcasts.sophos.com |
178.240.55.219 | pogonyuto.forospanish.com |
49.236.0.127 | precisesecurity.com |
69.56.26.116 | prevx.com |
102.214.65.186 | privacy.microsoft.com |
215.196.254.13 | products.drweb.com |
86.192.199.246 | promotions.drweb.com |
38.12.157.235 | psnw.com |
71.170.9.237 | pspl.com |
185.85.129.132 | pvtc.org |
124.148.74.40 | qqjkw.net |
211.105.169.165 | quickheal.co.in |
244.6.20.235 | quickheal.com |
102.177.140.62 | radius.turvamies.com |
229.240.86.226 | rads.mcafee.com |
249.61.112.215 | ravantivirus.com |
25.218.151.29 | raymond.cc |
139.133.15.180 | reg-int.nod32-es.com |
10.197.217.88 | reg.eset.es |
218.17.243.77 | reg.rising.com.cn |
63.175.26.147 | register.norman.com |
108.89.147.230 | removetrojanvirus.org |
47.153.92.139 | renewalcenter.symantec.com |
255.229.118.128 | renewals.bitdefender.com |
32.131.158.198 | research.microsoft.com |
146.46.90.93 | research.pandasecurity.com |
85.109.223.1 | research.sunbelt-software.com |
36.186.250.246 | resplendence.com |
69.87.101.60 | retail.sp.f-secure.com |
183.2.221.143 | retail01.sp.f-secure.com |
54.65.167.51 | retail02.sp.f-secure.com |
74.142.125.40 | ribbonwarehouse.com |
242.111.112.246 | rising-global.com |
32.94.232.73 | rising.com |
227.90.178.49 | rising.com.cn |
179.234.204.38 | rolandovera.com |
212.68.243.40 | rootkit.com |
69.50.108.191 | rootkit.nl |
8.46.53.100 | rover800.gaima.co.uk |
216.190.79.89 | roysephotos.com |
249.24.119.159 | ru.trendmicro.com |
107.7.239.58 | ruben.bzin.net |
50.74.0.34 | runscanner.net |
69.151.27.23 | safe.qq.com |
102.52.66.25 | safecomputing.umn.edu |
148.35.186.176 | safer-networking.org |
87.31.132.84 | safetynet.com |
39.107.158.73 | sales.bitdefender.com |
72.9.9.143 | samroeng.hi5.com |
185.247.130.226 | sandbox.norman.com |
124.243.75.134 | sandboxie.com |
76.63.33.123 | sapcupgrades.com |
109.221.141.194 | sarahmcconnellphotography.net |
223.203.5.89 | saverssite.com |
93.199.206.253 | scan.anti-trojan.net |
113.20.164.242 | scan.kingsoft.com |
146.177.16.56 | scan4you.net |
4.160.136.139 | scanner.novirusthanks.org |
131.155.81.47 | scanner.virus.org |
82.232.108.36 | scanner2.novirusthanks.or |
115.133.147.106 | schemas.microsoft.com |
229.116.11.69 | schemas.xmlsoap.org |
48.247.93.45 | sea.symantec.com |
0.68.119.34 | search.ca.com |
33.226.158.36 | search.mcafee.com |
146.208.23.187 | search.symantec.com |
17.204.224.95 | seasonsecurity.com |
37.24.250.84 | secdreg.org |
70.182.34.155 | secubox.aldria.com |
184.164.222.238 | secunia.com |
54.160.167.214 | secure-email.comodo.com |
6.237.125.203 | secure.av-desk.com |
39.138.233.205 | secure.nai.com |
153.53.97.100 | securecomputing.com |
92.116.42.8 | secureme.com |
43.193.1.253 | securitoo.com |
76.94.108.67 | security.symantec.com |
190.9.228.150 | securitycheck.symantec.com |
61.72.174.58 | securitynewsportal.com |
217.29.80.183 | securityrespons.symantec.com |
249.187.119.253 | securityresponse.symantec.com |
107.101.240.148 | securitywonks.net |
234.165.185.56 | secuser.com |
186.241.211.45 | secuser.model-fx.com |
31.143.251.115 | sergiwa.com |
77.57.115.199 | service.mcafee.com |
15.121.60.107 | service1.symantec.com |
223.198.86.96 | servicenews.symantec.com |
0.99.126.166 | sfdoccentral.symantec.com |
114.14.58.61 | shadow.grisoft.cz |
53.77.191.225 | shadu.baidu.com |
4.154.218.214 | shadu.duba.net |
37.55.69.28 | shield.prevx.com |
151.226.189.111 | shop.hauri.co.kr |
22.33.135.19 | shop.pandasecurity.com |
42.110.93.8 | shop.sunbeltsoftware.com |
74.200.200.78 | shop.symantec.com |
0.62.201.41 | shop.trendmicro.com |
195.58.146.17 | shudoo.com |
147.202.172.6 | simplysup.com |
180.36.211.8 | siren24.nprotect.com |
38.18.76.160 | siteadvisor.com |
232.14.21.68 | sitedirector.symantec.com |
184.158.47.57 | smallbiz.symantec.com |
217.248.87.127 | smbstore.trendmicro.com |
75.231.207.210 | smokey-services.eu |
202.226.152.186 | soccersuck.com |
221.47.179.175 | softfaq.com |
254.204.218.177 | softonic.com |
44.187.82.72 | software-files.download.com |
239.182.28.236 | solutions.drweb.com |
191.3.54.225 | sophos.com |
223.161.161.39 | sophos.fr |
81.143.26.122 | sophos1.ucd.ie |
20.139.227.30 | sophos10.ucd.ie |
228.215.185.19 | sophos2.ucd.ie |
5.117.36.89 | sophos5.ucd.ie |
119.99.157.241 | sophos6.ucd.ie |
245.95.102.149 | sophos7.ucd.ie |
9.172.60.81 | sophos8.ucd.ie |
242.17.112.152 | sophos9.ucd.ie |
100.255.232.235 | soporte.pandasecurity.com |
226.251.177.143 | sos.rising.com.cn |
178.72.203.132 | sosvirus.changelog.fr |
211.229.243.202 | spd.atdmt.com |
69.212.107.29 | specs.xmlsoap.org |
8.207.52.5 | speedtest.comodo.com |
215.28.79.250 | spftrl.digitalriver.com |
248.185.118.252 | spyany.com |
106.168.238.147 | spyblocker-software.com |
233.163.184.55 | spybot.info |
253.240.210.44 | spycheck.co.uk |
29.142.249.114 | spycheck.es |
143.124.182.197 | spychecker.com |
14.120.127.173 | spycop.com |
222.196.85.162 | spywaredb.com |
255.98.193.165 | spywaredlls.prevx.com |
113.12.57.60 | spywarefiles.prevx.com |
51.76.2.224 | spywareguide.com |
3.153.216.213 | spywareinfo.com |
36.54.68.27 | spywareterminator.com |
30.105.68.246 | square.bitdefender.com |
157.168.13.154 | static.yoreparo.com |
176.245.40.143 | stats.norton.com |
209.146.79.213 | stdio-labs.blogspot.com |
67.61.199.108 | stiller.com |
194.124.145.16 | store.bitdefender.com |
146.201.171.5 | store.de.bitdefender.com |
246.103.210.75 | store.drweb.com |
36.17.75.158 | store.trendmicro.com |
231.81.20.66 | subs.geekstogo.com |
183.157.46.55 | subwiz.trendmicro.com |
216.59.86.125 | sucop.com |
74.229.18.21 | sun.symantec.com |
12.37.151.185 | sunbelt-software.com |
220.114.177.174 | sunbeltsecurity.com |
253.15.29.244 | sunbeltsoftware.com |
111.186.149.71 | superboy2010.com.au |
238.249.94.235 | superdicas.com.br |
1.70.53.224 | superuser.co.kr |
34.159.160.38 | support.drweb.com |
80.142.24.121 | support.f-secure.com |
155.17.106.233 | support.kaspersky.co |
107.162.132.222 | support.mcafee.com |
139.252.171.224 | support.microsoft.com |
253.234.36.119 | support.pandasecurity.com |
192.230.237.27 | support.rising-global.com |
144.118.7.16 | sybari.com |
177.208.46.86 | sygate.com |
35.190.167.170 | symantec-ese.baynote.net |
161.186.112.146 | symantec.com |
181.6.138.135 | symantecliveupdate.com |
214.164.178.137 | symatec.com |
4.147.42.32 | sysinternals.com |
199.142.243.196 | system-cleaner.comodo.com |
150.219.14.185 | tallemu.com |
183.120.121.255 | taringa.net |
41.103.241.82 | tds.diamondcs.com.au |
236.98.187.246 | tech.pantip.com |
188.175.145.235 | techimo.com |
220.77.252.49 | techspot.com |
78.59.117.200 | techsupportforum.com |
205.55.62.108 | tecniservicioslys.com |
225.131.156.233 | tecno-soft.com |
138.169.7.47 | tempuri.org |
251.151.128.131 | thecomputerpitstop.com |
122.147.73.39 | thejokerx.blogspot.com |
74.223.99.28 | thetechguide.com |
107.125.139.98 | thinkpad.cn |
221.108.3.181 | threatexpert.com |
160.103.204.157 | threatinfo.trendmicro.com |
111.180.231.146 | timeforyourbusi.pandasecurity.com |
144.81.14.148 | timestamp.comodoca.com |
2.64.134.43 | timestamp.wosign.com |
129.59.80.207 | tinysoftware.com |
149.136.106.196 | tms.symantec.com |
181.38.145.10 | together.pctools.com |
39.20.78.93 | tool.ikaka.com |
166.16.23.69 | toonbox.de |
118.92.237.58 | tr.mcafee.com |
151.250.88.133 | trackingtheworld.com |
81.237.25.28 | training.drweb.com |
19.44.226.192 | training.trendmicro.com |
227.121.185.181 | trapware.com |
4.22.36.251 | trendmicro.com |
118.193.156.78 | trendmicro.com.cn |
245.0.101.242 | trendmicro.fr |
9.77.128.231 | trendsecure.com |
41.234.167.45 | trial.trendmicro.com |
155.149.31.196 | trucoswindows.es |
26.213.233.104 | trucoswindows.net |
234.33.3.93 | tw.mcafee.com |
79.191.42.163 | tw.sophos.com |
124.105.163.246 | tw.trendmicro.com |
63.169.108.154 | tweaksforgeeks.com |
15.245.134.144 | u0.eset.com |
48.147.174.214 | u1.eset.com |
162.62.106.109 | u10.eset.com |
100.125.239.17 | u100.eset.com |
52.202.10.6 | u11.eset.com |
85.103.117.76 | u12.eset.com |
199.18.237.159 | u13.eset.com |
70.81.182.67 | u14.eset.com |
90.158.141.56 | u15.eset.com |
2.127.128.6 | u16.eset.com |
48.110.248.89 | u17.eset.com |
243.106.194.65 | u18.eset.com |
195.250.220.54 | u19.eset.com |
228.84.3.56 | u2.eset.com |
85.66.124.207 | u20.eset.com |
24.62.69.115 | u21.eset.com |
232.206.95.105 | u22.eset.com |
9.40.135.175 | u23.eset.com |
123.22.255.2 | u24.eset.com |
249.18.200.234 | u25.eset.com |
13.95.227.223 | u26.eset.com |
46.252.10.225 | u27.eset.com |
92.235.130.120 | u28.eset.com |
31.230.75.28 | u29.eset.com |
239.51.102.17 | u3.eset.com |
15.208.209.87 | u30.eset.com |
129.191.73.170 | u31.eset.com |
68.187.19.78 | u32.eset.com |
20.7.233.67 | u33.eset.com |
53.165.84.137 | u34.eset.com |
166.147.205.32 | u35.eset.com |
173.23.30.76 | u36.eset.com |
193.99.244.65 | u36eset.com |
226.1.96.136 | u37.eset.com |
84.239.216.219 | u37eset.com |
210.235.161.127 | u38.eset.com |
162.56.188.116 | u39.eset.com |
195.213.227.186 | u4.eset.com |
53.196.91.13 | u40.eset.com |
248.191.36.245 | u41.eset.com |
199.12.63.234 | u42.eset.com |
232.169.102.236 | u43.eset.com |
90.152.222.131 | u44.eset.com |
217.148.168.39 | u45.eset.com |
237.224.194.28 | u46.eset.com |
14.126.233.98 | u47.eset.com |
127.108.166.181 | u48.eset.com |
254.104.111.157 | u49.eset.com |
206.180.69.146 | u5.eset.com |
239.82.177.149 | u50.eset.com |
97.252.41.44 | u51.eset.com |
35.60.242.208 | u52.eset.com |
243.137.201.197 | u53.eset.com |
20.38.52.11 | u54.eset.com |
134.209.172.94 | u55.eset.com |
5.16.117.2 | u56.eset.com |
160.229.24.127 | u57.eset.com |
193.130.63.197 | u58.eset.com |
51.45.183.92 | u59.eset.com |
178.108.129.0 | u6.eset.com |
130.185.155.245 | u60.eset.com |
231.87.194.59 | u61.eset.com |
20.1.59.142 | u62.eset.com |
215.65.4.50 | u63.eset.com |
167.141.30.39 | u64.eset.com |
200.43.70.110 | u65.eset.com |
58.213.2.5 | u66.eset.com |
252.21.135.169 | u67.eset.com |
204.98.161.158 | u68.eset.com |
237.255.13.228 | u69.eset.com |
95.170.133.55 | u7.eset.com |
222.233.78.219 | u70.eset.com |
241.54.37.208 | u71.eset.com |
18.143.144.22 | u72.eset.com |
64.126.8.105 | u73.eset.com |
3.122.210.81 | u74.eset.com |
211.10.236.70 | u75.eset.com |
244.100.19.72 | u76.eset.com |
101.82.140.223 | u77.eset.com |
40.78.85.75 | u78.eset.com |
192.166.55.64 | u79.eset.com |
225.0.94.134 | u8.eset.com |
82.238.215.217 | u80.eset.com |
209.234.160.193 | u81.eset.com |
229.54.186.183 | u82.eset.com |
6.212.226.185 | u83.eset.com |
52.194.90.80 | u84.eset.com |
246.190.35.244 | u85.eset.com |
198.11.62.233 | u86.eset.com |
231.168.169.47 | u87.eset.com |
89.151.33.130 | u88.eset.com |
28.146.234.38 | u89.eset.com |
235.223.193.27 | u9.eset.com |
12.124.44.97 | u90.eset.com |
126.107.164.248 | u91.eset.com |
253.103.110.156 | u92.eset.com |
17.179.68.145 | u93.eset.com |
50.81.175.215 | u94.eset.com |
163.63.40.42 | u95.eset.com |
34.59.241.206 | u96.eset.com |
242.135.11.196 | u97.eset.com |
19.37.51.10 | u98.eset.com |
133.19.171.93 | u99.eset.com |
71.15.116.69 | uk.mcafee.com |
159.228.22.194 | uk.trendmicro-europe.com |
192.129.62.196 | uk.trendmicro.com |
50.112.182.91 | ulove.tigolbittys.info |
177.107.127.255 | up.duba.net |
196.184.154.244 | up.rising.com.cn |
229.85.193.58 | up1.nod123.cn |
87.68.125.141 | upd.zonelabs.com |
214.64.71.117 | update.360safe.cn |
166.140.29.106 | update.360safe.com |
199.42.136.108 | update.aladdin.com |
56.212.1.3 | update.authentium.com |
251.20.202.167 | update.avg.com |
203.96.160.156 | update.avgfrance.com |
236.254.12.227 | update.bitdefender.com |
94.168.132.54 | update.drweb.com |
220.232.77.218 | update.ewido.com |
240.53.103.207 | update.grisoft.com |
17.210.143.21 | update.grisoft.cz |
131.125.7.172 | update.hispasec.com |
2.188.208.80 | update.ikaka.com |
209.9.235.69 | update.ikarus-software.at |
54.166.18.139 | update.quickheal.com |
100.81.138.222 | update.rising.com.cn |
39.145.84.130 | update.sophos.com |
247.221.110.119 | update.symantec.com |
160.3.29.69 | update.trendmicro.com |
17.173.218.220 | update7.jiangmin.com |
212.237.95.128 | updatem.360safe.cn |
164.57.121.117 | updatem.360safe.com |
197.215.229.188 | updates.a-2.org |
55.129.93.15 | updates.drweb.com |
181.193.38.179 | updates.f-prot.com |
201.14.252.168 | updates.sald.com |
234.103.104.238 | updates.symantec.com |
24.86.224.65 | updates3.kaspersky-labs.com |
219.81.169.41 | updates4.kaspersky-labs.com |
170.226.196.30 | updates5.kaspersky-labs.com |
203.59.235.32 | upgrade.bitdefender.com |
61.42.99.183 | upgrade1.bitdefender.com |
0.37.45.91 | upgrade2.bitdefender.com |
208.182.71.80 | upgrade3.bitdefender.com |
241.16.110.150 | upgrade4.bitdefender.com |
98.254.231.233 | upload.changelog.fr |
225.250.176.209 | us.bitdefender.com |
245.70.202.198 | us.mcafee.com |
22.228.242.201 | us.trendmicro.com |
68.210.106.96 | usa.kaspersky.com |
6.206.51.4 | usbcleaner.cn |
214.27.77.249 | ushousecall02.trendmicro.com |
247.184.185.63 | utilidades-utiles.com |
105.167.49.146 | v.dreamwiz.com |
44.162.250.54 | v4.windowsupdate.microsoft.com |
251.239.209.43 | v5.windowsupdate.microsoft.com |
28.140.60.113 | vet.com.au |
142.123.180.8 | vicentevirtual.com |
13.118.126.172 | viguard.com |
33.195.220.41 | vil.nai.com |
201.233.71.111 | vil.nail.com |
59.215.192.194 | virobot.co.kr |
186.211.137.102 | virscan.org |
138.31.163.91 | virus.org |
171.189.203.162 | virusbuster.hu |
29.171.67.245 | viruschief.com |
223.167.12.221 | virusdoctor.jp |
175.244.38.210 | virusfreezone.info |
208.145.78.212 | virusinfo.prevx.com |
66.128.198.107 | viruslist.com |
193.123.143.15 | viruslist.ru |
212.200.170.4 | virusscan.jotti.org |
245.101.209.74 | virusscanonline.net |
103.84.141.157 | virusspy.com |
230.79.87.133 | virustotal.com |
182.156.45.122 | visualizesoftware.com |
214.58.152.124 | visualtracking.symantec.com |
72.228.17.19 | vivo-austin.com |
11.36.218.183 | vms.drweb.com |
219.112.176.172 | vncsvr.com |
252.14.28.242 | vos.symantec.com |
110.184.148.70 | vrv.com.cn |
236.248.93.234 | vsantivirus.com |
0.69.119.223 | webadmin.norman.no |
33.226.159.37 | webphand.com |
147.141.23.188 | webroot.com |
18.204.224.96 | wedoantivirus.com |
225.25.251.85 | welkam.co.jp |
142.255.106.227 | wexperts-exchange.com |
188.169.226.54 | whatthetech.com |
127.233.172.218 | wikio.es |
79.53.198.207 | wilderssecurity.com |
112.211.237.21 | wilderssecurity.net |
225.125.170.172 | wildlist.com |
164.189.47.81 | windowsupdate.microsoft.com |
116.9.73.70 | winpatrol.com |
149.167.181.140 | wmcafee.com |
7.82.45.223 | woottonfootball.com |
134.145.246.131 | wtc.trendmicro.com |
153.222.205.120 | ww.emsisoft.com |
186.55.56.190 | www.1stavenuelimousines.co.uk |
232.38.176.17 | www.2xlgames.com |
171.33.122.249 | www.ahnlab.com |
123.178.148.238 | www.aks.com |
155.12.187.240 | www.aladdin.com |
13.250.51.135 | www.anti-trojan-software.net |
208.246.253.43 | www.anti-trojan.net |
160.134.23.32 | www.anti-virus.by |
193.224.62.102 | www.antivir.es |
50.206.183.185 | www.antivirus-tools.com |
177.202.128.162 | www.antiy.net |
197.22.154.151 | www.apsecure.com |
230.180.194.153 | www.arpia.be |
20.163.58.48 | www.authentium.com |
215.158.3.212 | www.authentium.com.au |
166.235.30.201 | www.av-desk.com |
199.136.137.15 | www.avast.com |
57.119.1.98 | www.avg.com |
252.114.203.6 | www.avhide.com |
204.191.161.251 | www.avoncourt.com |
236.93.12.65 | www.avx.ro |
94.75.132.216 | www.barder.com |
101.207.214.4 | www.beautybar.com |
121.27.172.249 | www.bg.virusblokada.com |
154.185.23.63 | www.bit-defender.de |
11.167.144.146 | www.bitdefende.de |
138.163.89.55 | www.bitdefender-es.com |
90.239.115.44 | www.bitdefender.be |
123.141.155.114 | www.bitdefender.cl |
237.124.19.197 | www.bitdefender.co.uk |
175.119.220.173 | www.bitdefender.com |
127.196.247.162 | www.bitdefender.com.au |
160.97.30.164 | www.bitdefender.com.sg |
18.80.150.59 | www.bitdefender.com.tw |
145.75.96.223 | www.bitdefender.com.vn |
165.152.122.212 | www.bitdefender.de |
197.53.161.26 | www.bitdefender.es |
55.36.93.109 | www.bitdefender.fr |
182.32.39.85 | www.bitdefender.hk |
134.108.253.74 | www.bitdefender.us |
167.10.104.76 | www.bitdefenderme.com |
24.180.225.227 | www.briarhurst.com |
219.244.170.136 | www.brightoctober.com |
171.64.128.125 | www.buraka.tv |
204.222.236.195 | www.buscafacil.com |
62.137.100.22 | www.buscalo.in |
189.200.45.186 | www.busco.in |
208.21.72.175 | www.ca.com |
241.178.111.245 | www.cambridge-steiner-school.co.uk |
99.93.231.140 | www.ccssforum.org |
106.36.57.184 | www.celticmerchant.com |
58.113.83.173 | www.clamav.net |
158.14.122.243 | www.collectedcurios.com |
204.185.242.70 | www.comodo.com |
143.249.188.234 | www.comodo.tv |
95.69.214.223 | www.comodoantispam.com |
128.227.253.37 | www.comodopartners.com |
241.141.186.188 | www.computing.net |
180.205.63.96 | www.configurarequipos.com |
132.25.89.86 | www.contentverification.com |
165.183.197.156 | www.deborahshelton.net |
23.98.61.239 | www.dr-bull.com |
149.161.6.147 | www.drweb.com |
169.238.221.136 | www.ealaddin.com |
202.71.72.206 | www.elvis-express.com |
248.54.192.33 | www.emeraldclassic.co.uk |
187.49.138.9 | www.emsisoft.at |
139.194.164.254 | www.emsisoft.com |
171.27.203.0 | www.emsisoft.de |
29.10.67.151 | www.emsisoft.es |
224.6.13.59 | www.emsisoft.fr |
176.150.39.48 | www.emsisoft.it |
209.240.78.118 | www.emsisoft.jp |
66.222.199.201 | www.emsisoft.net |
193.218.144.177 | www.emsisoft.nl |
213.38.170.167 | www.emsisoft.org |
246.196.210.169 | www.engyro.com |
36.179.74.64 | www.entercept.com |
230.174.19.228 | www.esafe.com |
182.251.46.217 | www.eset.es |
215.152.153.31 | www.eugrantsadvisor.com |
73.135.17.114 | www.eugrantsadvisor.de |
148.10.98.158 | www.eugrantsadvisor.ie |
100.87.57.147 | www.eugrantsadvisor.se |
132.244.164.217 | www.exchangeyourcareer.com |
246.227.28.112 | www.f-prot.com |
117.223.230.20 | www.f-secure.com |
137.43.188.9 | www.fimasys.com |
170.201.39.79 | www.flairweddings.co.uk |
27.183.160.162 | www.forospyware.com |
154.179.105.70 | www.fortifed.com |
106.255.131.60 | www.fortiid.com |
139.157.171.130 | www.fortimail.com |
253.139.35.213 | www.fortinet-apac.com |
191.135.236.189 | www.fortinet.ch |
143.212.7.178 | www.fortinet.co.il |
176.113.46.180 | www.fortinet.com |
34.96.166.75 | www.fortinet.net |
161.91.111.239 | www.fortinet.nl |
181.168.138.228 | www.fortinet.sg |
213.69.177.42 | www.fortinetuk.com |
71.52.109.125 | www.freeality.com |
198.48.55.101 | www.freedrweb.ru |
150.124.13.90 | www.freerav.com |
183.26.120.92 | www.frisk-software.com |
40.196.241.243 | www.frisk.is |
235.4.186.151 | www.fsecure.com |
187.24.88.84 | www.garryowen.com |
164.182.195.154 | www.gdata.es |
21.96.60.237 | www.globalhauri.com |
148.160.5.146 | www.gokidding.com |
168.236.31.135 | www.grisoft.com |
201.138.71.205 | www.hackshields.com |
59.53.191.100 | www.hacksoft.com.pe |
185.116.136.8 | www.hacksoft.pe |
137.193.163.253 | www.handwritingforkids.com |
238.94.202.67 | www.hasp.se |
28.9.66.150 | www.hauri.co.kr |
223.72.12.58 | www.hauri.net |
175.149.38.47 | www.hxproduction.com |
207.50.77.117 | www.ibusca.me |
65.221.9.12 | www.ikarus.at |
4.29.143.176 | www.imddomains.co.uk |
212.105.169.165 | www.indielisboa.com |
245.7.20.235 | www.inicioid.com |
102.177.141.62 | www.iniciorapido.info |
229.241.86.227 | www.internationalservicecheck.com |
249.61.44.216 | www.irangoals.com |
26.151.152.30 | www.iseclab.org |
72.134.16.113 | www.ixomodels.com |
10.129.217.89 | www.jiangmin.com |
98.154.124.214 | www.jiangmin.com.cn |
131.243.163.216 | www.jotti.org |
245.226.27.111 | www.kaspersky.com |
184.221.229.19 | www.kioskea.net |
136.110.255.8 | www.latin-mass-society.org |
168.199.38.78 | www.livepcsupport.com |
26.182.158.161 | www.malwarecity.com |
153.178.104.137 | www.malwarecity.fr |
173.254.130.126 | www.mamutu.com |
206.156.169.128 | www.mamutu.de |
251.138.34.23 | www.manchester-offices.co.uk |
190.134.235.187 | www.mcafee.at |
142.210.5.177 | www.mcafee.com |
175.112.113.247 | www.metascan-online.com |
33.95.233.74 | www.microsoft.com |
227.90.178.238 | www.midescargas.com |
179.167.137.227 | www.mountainlakeslodge.com |
212.68.244.41 | www.mtr-design.com |
70.51.108.192 | www.mygeekside.com |
197.46.53.100 | www.netegrity.com |
217.123.12.89 | www.norman.com |
249.24.119.159 | www.nottinghampoetryseries.com |
107.7.239.242 | www.novirusthanks.org |
234.3.185.150 | www.npin.co.kr |
186.79.211.139 | www.nprotect.co.kr |
99.117.130.89 | www.nprotect.com |
212.99.251.172 | www.nprotect.com.br |
151.95.196.148 | www.nsclean.com |
103.171.222.138 | www.owen.org |
136.73.6.140 | www.pandasecurity.com |
250.55.126.35 | www.pctools.com |
120.51.71.199 | www.peterhearnwaste.co.uk |
140.128.98.188 | www.phoenixtrikeworks.com |
173.29.137.2 | www.prdouglas.co.uk |
31.12.69.85 | www.prevx.com |
158.7.14.61 | www.prevx1.com |
110.84.229.50 | www.professorbeyer.com |
142.241.80.52 | www.quickheal.com |
0.156.200.203 | www.removetrojanvirus.org |
195.220.146.111 | www.renningers.com |
147.40.104.100 | www.residentphotography.com |
180.198.211.170 | www.retento.com |
37.112.76.253 | www.reviewsofbooks.com |
164.176.21.161 | www.rising-global.com |
184.252.47.151 | www.risingav.com.au |
217.154.87.221 | www.safenet-inc.com |
75.68.207.116 | www.scan4you.net |
201.132.152.24 | www.seasonsecurity.com |
153.209.179.13 | www.secondchanceboxer.com |
254.110.218.83 | www.secure-elements.com |
44.161.218.46 | www.sheffieldmind.co.uk |
119.224.163.210 | www.smf.org |
70.45.190.199 | www.softfaq.com |
103.202.229.13 | www.sophos.com |
217.117.161.164 | www.spycheck.co.uk |
156.181.39.72 | www.spycheck.es |
108.1.65.61 | www.stadiumpage.com |
141.159.172.131 | www.sunbeltsoftware.com |
254.73.37.214 | www.symantec.com |
125.137.238.122 | www.sysinternals.com |
145.213.196.112 | www.tecniservicioslys.com |
178.47.48.182 | www.testmypcsecurity.com |
224.29.168.9 | www.threatexpert.com |
162.25.113.241 | www.tomorrowsedge.net |
114.170.140.230 | www.trendmicro.com |
147.3.179.232 | www.trojaner.info |
5.242.43.127 | www.trustix.com |
200.237.244.35 | www.trustlogo.com |
151.126.15.24 | www.vba.com.by |
184.215.54.94 | www.virscan.org |
42.198.174.177 | www.virus.fi |
169.194.120.153 | www.virus.org |
189.14.146.214 | www.virusbuster.hu |
38.244.1.216 | www.viruschief.com |
84.226.122.112 | www.virusfreezone.info |
22.222.67.20 | www.virustotal.com |
230.43.93.9 | www.wellgousa.com |
7.200.201.79 | www.whichssl.com |
121.183.65.162 | www.willsee.com |
60.178.10.70 | www.xmlsoap.org |
11.255.225.59 | www.zarya.info |
44.156.76.129 | www1.my-etrust.com |
158.139.196.24 | www3.ca.com |
29.134.142.188 | www3.safenet-inc.com |
49.211.100.177 | www4.symantec.com |
81.113.207.247 | wwws.clamav.net |
195.95.72.74 | x-cleaner.com |
66.91.17.238 | x.360safe.com |
18.167.43.227 | yoreparo.com |
51.69.82.41 | z-oleg.com |
165.51.203.125 | zeustracker.abuse.ch |
103.47.148.101 | zeylstra.nl |
55.124.174.90 | zhidao.baidu.com |
88.25.214.92 | zhidao.ikaka.com |
202.8.78.243 | ziggamza.net |
209.139.159.31 | zonavirus.com |
228.216.186.20 | zonealarm.com |
5.117.225.90 | zonelabs.com |
119.100.157.173 | zonelabs.fr |
246.95.103.149 | zonelog.co.uk |
198.172.61.138 | zs.kingsoft.com |
230.74.168.140 | ztl.comodo.com |
Rootkit activity
No anomalies have been detected.
Propagation
A worm can spread via removable drives. It writes its executable and creates "autorun.inf" scripts on all removable drives. The autorun script will execute the Trojan's file once a user opens a drive's folder in Windows Explorer.
Removals
Remove it with Ad-Aware
- Click (here) to download and install Ad-Aware Free Antivirus.
- Update the definition files.
- Run a full scan of your computer.
Manual removal*
- Delete the original Trojan file.
- Restore the original content of the HOSTS file (%System%\drivers\etc\hosts): 127.0.0.1 localhost
- Clean the Temporary Internet Files folder, which may contain infected files (How to clean Temporary Internet Files folder).
- Find and delete all copies of the worm's file together with "autorun.inf" scripts on removable drives.
- Reboot the computer.
Static Analysis
VersionInfo
No information is available.
No information is available.
PE Sections
Name | Virtual Address | Virtual Size | Raw Size | Entropy | Section MD5 |
---|---|---|---|---|---|
UPX0 | 4096 | 114688 | 114688 | 0.51432 | 7bef82c3394e3992d5389bac03ba507f |
UPX1 | 118784 | 8192 | 5632 | 4.91102 | 5ab635495d23e9c3d44b341b05b99270 |
.rsrc | 126976 | 163840 | 90624 | 5.53639 | 7c436c5d4a313391699ac305be5626cd |
Dropped from:
Downloaded by:
Similar by SSDeep:
Similar by Lavasoft Polymorphic Checker:
Total found: 1
331fe262ce50ab8c19c43f2bf6c941a6
Network Activity
URLs
URL | IP |
---|---|
hxxp://cdn2.iconfinder.com/static/66214acbf85a96dcfe0dba9a8103f0e5/assets/fonts/Bariol/bariol_thin-webfont.eot? | 205.234.175.175 |
hxxp://ib.adnxs.com/ttj?ttjb=1&bdc=1462581353&bdh=6dhxPAG0sol2xvBBeXhsc48UKbY.&&view_iv=1&view_pos=630,197&view_ws=1260,846&view_vs=0&bdref=http://ubusiness.mooo.com/?adf&bdtop=true&bdifs=1&bstk=http://ubusiness.mooo.com/?adf,http://ubusiness.mooo.com/?adf&&id=6352664&size=728x90 | 37.252.163.145 |
hxxp://onclickads.net/apu.php?zoneid=451856 | 206.54.165.193 |
hxxp://ib.adnxs.com/ttj?ttjb=1&bdc=1462581353&bdh=6dhxPAG0sol2xvBBeXhsc48UKbY.&&view_iv=1&view_pos=630,87&view_ws=1260,846&view_vs=0&bdref=http://ubusiness.mooo.com/?adf&bdtop=true&bdifs=1&bstk=http://ubusiness.mooo.com/?adf,http://ubusiness.mooo.com/?adf&&id=6352664&size=300x250 | 37.252.163.145 |
hxxp://ib.adnxs.com/ttj?id=6352664&size=160x600 | 37.252.163.145 |
hxxp://ubusiness.mooo.com/iconfinder.css | 199.175.53.69 |
hxxp://ads.clicksor.com/newServing/getkey.php?cb=getkey&ob=Yesup.clicksor.Code[0]&nid=1&pid=123&sid=123&spid=&ns=0&nw=1&zone=0&url=http://ubusiness.mooo.com/?adf&lb=0&ext=0&oe=utf-8&t9917827&txt= | |
hxxp://pub.clicksor.net/newServing/js/show.js | 199.21.148.17 |
hxxp://b.yu0123456.com/newServing/getkey.php?cb=getkey&ob=Yesup.clicksor.Code[0]&nid=1&pid=278617&sid=608546&spid=&ns=0&nw=1&zone=0&url=http://ubusiness.mooo.com/?adf&lb=0&ext=0&oe=utf-8&t2224226&txt=Search Engine | 199.21.148.88 |
hxxp://www.buscaid.com/?adf | 199.175.53.69 |
hxxp://ib.adnxs.com/ttj?ttjb=1&bdc=1462581340&bdh=bxiHNrbxqB3D0FvXDFOBXa2qkIM.&&view_iv=1&view_pos=630,197&view_ws=1260,846&view_vs=0&bdref=http://ubusiness.mooo.com/?adf&bdtop=true&bdifs=1&bstk=http://ubusiness.mooo.com/?adf,http://ubusiness.mooo.com/?adf&&id=6352664&size=728x90 | 37.252.163.145 |
hxxp://b.yu0123456.com/newServing/search_banner.php?cb=doLayerBanner&ob=Yesup.clicksor.Code[0]&nid=1&pid=278617&sid=608546&spid=&zone=0&chad=1&oe=utf-8&cs=&memkey=e7af41c0a7890b02d92657b226f10a9b&lb=33&adu=3&image=3&lq=0&qp=YF4lITV9ISki_X01ICEpfiD5b1NXNCT7KDF9KXxhTy0t_igpJ_0hMf0nLX19KDAgLCwg8WRvJyQrJP0lNP4mKSTxZG0nKzA&t5786.541501394893 | 199.21.148.88 |
hxxp://nk78g8f325h7fy7hyr1es3hao1zkt1.ipcheker.com/ | 75.126.102.230 |
hxxp://pub.clicksor.net/newServing/img/banner/question_icon.png | 199.21.148.17 |
hxxp://ib.adnxs.com/ttj?id=6352664&size=300x600 | 37.252.163.145 |
hxxp://ib.adnxs.com/ttj?ttjb=1&bdc=1462581352&bdh=02qAYslMU9t8Od5_wt_zZHI8PHg.&&view_iv=1&view_pos=0,87&view_ws=1260,846&view_vs=0&bdref=http://ubusiness.mooo.com/?adf&bdtop=true&bdifs=1&bstk=http://ubusiness.mooo.com/?adf,http://ubusiness.mooo.com/?adf&&id=6352664&size=300x600 | 37.252.163.145 |
hxxp://pl.intag.co/ttj?id=6352664&size=160x600 | 37.252.170.216 |
hxxp://dkxa0w0318j3wi03g7wy0euykfwkpz.ipcheker.com/ | 75.126.102.230 |
hxxp://ib.adnxs.com/ttj?ttjb=1&bdc=1462581311&bdh=eDXAIxQg1UVAUXfC9B4E7ZHWAZg.&&view_iv=0&view_pos=1260,87&view_ws=1260,846&view_vs=0&bdref=http://ubusiness.mooo.com/?adf&bdtop=true&bdifs=1&bstk=http://ubusiness.mooo.com/?adf,http://ubusiness.mooo.com/?adf&&id=6352664&size=160x600 | 37.252.163.145 |
hxxp://ib.adnxs.com/ttj?ttjb=1&bdc=1462581311&bdh=eDXAIxQg1UVAUXfC9B4E7ZHWAZg.&&view_iv=1&view_pos=630,87&view_ws=1260,846&view_vs=0&bdref=http://ubusiness.mooo.com/?adf&bdtop=true&bdifs=1&bstk=http://ubusiness.mooo.com/?adf,http://ubusiness.mooo.com/?adf&&id=6352664&size=300x250 | 37.252.163.145 |
hxxp://whos.amung.us/swidget/26n2qf7pnk0x | 67.202.94.94 |
hxxp://b.yu0123456.com/show.php?nid=1&pid=278617&sid=608546 | 199.21.148.88 |
hxxp://b.yu0123456.com/newServing/tracking_id.php?b=1&UID=14625813261083&TRSTR=1&RTID= | 199.21.148.88 |
hxxp://pl.intag.co/ttj?id=6352664&size=300x250 | 37.252.170.216 |
hxxp://ib.adnxs.com/ttj?ttjb=1&bdc=1462581311&bdh=eDXAIxQg1UVAUXfC9B4E7ZHWAZg.&&view_iv=1&view_pos=630,197&view_ws=1260,846&view_vs=0&bdref=http://ubusiness.mooo.com/?adf&bdtop=true&bdifs=1&bstk=http://ubusiness.mooo.com/?adf,http://ubusiness.mooo.com/?adf&&id=6352664&size=728x90 | 37.252.163.145 |
hxxp://widgets.amung.us/small/00/19.png | 50.23.131.235 |
hxxp://b.yu0123456.com/newServing/searchTrack.php?nid=1&sid=608546&random=2039980338 | 199.21.148.88 |
hxxp://b.yu0123456.com/newServing/getkey.php?cb=getkey&ob=Yesup.clicksor.Code[0]&nid=1&pid=278617&sid=608546&spid=&ns=0&nw=1&zone=0&url=http://ubusiness.mooo.com/?adf&lb=0&ext=0&oe=utf-8&t4686091&txt=Search Engine | 199.21.148.88 |
hxxp://cdn0.iconfinder.com/static/4e9a074acfe29ddb22561e5ec0e8a755/assets/fonts/Bariol/bariol_regular-webfont.eot? | 205.234.175.175 |
hxxp://ib.adnxs.com/ttj?ttjb=1&bdc=1462581340&bdh=bxiHNrbxqB3D0FvXDFOBXa2qkIM.&&view_iv=1&view_pos=630,87&view_ws=1260,846&view_vs=0&bdref=http://ubusiness.mooo.com/?adf&bdtop=true&bdifs=1&bstk=http://ubusiness.mooo.com/?adf,http://ubusiness.mooo.com/?adf&&id=6352664&size=300x250 | 37.252.163.145 |
hxxp://pl.intag.co/ttj?id=6352664&size=728x90 | 37.252.170.216 |
hxxp://ib.adnxs.com/ttj?ttjb=1&bdc=1462581326&bdh=Z8SSENPr2SHxvITvRrIlcFyWNAE.&&view_iv=1&view_pos=630,197&view_ws=1260,846&view_vs=0&bdref=http://ubusiness.mooo.com/?adf&bdtop=true&bdifs=1&bstk=http://ubusiness.mooo.com/?adf,http://ubusiness.mooo.com/?adf&&id=6352664&size=728x90 | 37.252.163.145 |
hxxp://ib.adnxs.com/ttj?ttjb=1&bdc=1462581353&bdh=6dhxPAG0sol2xvBBeXhsc48UKbY.&&view_iv=0&view_pos=1260,87&view_ws=1260,846&view_vs=0&bdref=http://ubusiness.mooo.com/?adf&bdtop=true&bdifs=1&bstk=http://ubusiness.mooo.com/?adf,http://ubusiness.mooo.com/?adf&&id=6352664&size=160x600 | 37.252.163.145 |
hxxp://cdn1.iconfinder.com/static/a998a3cd06a9b50682dc582393c423a0/assets/fonts/Agenda/agendabold-webfont.eot? | 205.234.175.175 |
hxxp://creative.clicksor.com/network_1/153539/c1175512710.png | 199.21.148.87 |
hxxp://ib.adnxs.com/bounce?/ttj?id=6352664&size=300x600 | 37.252.163.145 |
hxxp://b.yu0123456.com/newServing/getkey.php?cb=getkey&ob=Yesup.clicksor.Code[0]&nid=1&pid=278617&sid=608546&spid=&ns=0&nw=1&zone=0&url=http://ubusiness.mooo.com/?adf&lb=0&ext=0&oe=utf-8&t4313018&txt=Search Engine | 199.21.148.88 |
hxxp://cdn3.iconfinder.com/static/34e7d4088171083e80067fddb9546644/assets/fonts/Bariol/bariol_light-webfont.eot? | 205.234.175.175 |
hxxp://cdn0.iconfinder.com/static/838c1ff91b646f8cdee529fd9f02c1dd/assets/fonts/Agenda/agendalight-webfont.eot? | 205.234.175.175 |
hxxp://ib.adnxs.com/ttj?id=6352664&size=300x250 | 37.252.163.145 |
hxxp://go.onclasrv.com/apu.php?zoneid=451856 | 78.140.191.112 |
hxxp://tr1.myroitracking.com/newServing/tracking_id.php?d=b.yu0123456.com&r=http://b.yu0123456.com/newServing/tracking_id.php?b=1&>ruid=1 | 199.21.148.123 |
hxxp://b.yu0123456.com/newServing/banner_frame.php?nid=1&pid=278617&sid=608546&zone=-1&image=3&adtype=1&key=5fccbe19d3f75dafee26a47653ff94b8 | 199.21.148.88 |
hxxp://pub.clicksor.net/newServing/img/banner/header_bg.png | 199.21.148.17 |
hxxp://ib.adnxs.com/ttj?ttjb=1&bdc=1462581324&bdh=t5CDTAtazTkibWZcFLO9Ca8KW84.&&view_iv=1&view_pos=0,87&view_ws=1260,846&view_vs=0&bdref=http://ubusiness.mooo.com/?adf&bdtop=true&bdifs=1&bstk=http://ubusiness.mooo.com/?adf,http://ubusiness.mooo.com/?adf&&id=6352664&size=300x600 | 37.252.163.145 |
hxxp://b.yu0123456.com/newServing/banner_frame.php?nid=1&pid=278617&sid=608546&zone=-1&image=3&adtype=1&key=224cc055d65694be96eca5612bbcd1b9 | 199.21.148.88 |
hxxp://b.yu0123456.com/newServing/search_banner.php?cb=doLayerBanner&ob=Yesup.clicksor.Code[0]&nid=1&pid=278617&sid=608546&spid=&zone=0&chad=1&oe=utf-8&cs=&memkey=e7af41c0a7890b02d92657b226f10a9b&lb=33&adu=3&image=3&lq=0&qp=YF4lITV9ISki_X01ICEpfiD5b1NXNCT7KDF9KXxhTy0t_igpJ_0hMf0nLX19KDAgLCwg8WRvJyQrJP0lNP4mKCDxZG0nKzA&t656.1839232580575 | 199.21.148.88 |
hxxp://b.yu0123456.com/newServing/getkey.php?cb=getkey&ob=Yesup.clicksor.Code[0]&nid=1&pid=278617&sid=608546&spid=&ns=0&nw=1&zone=0&url=http://ubusiness.mooo.com/?adf&lb=0&ext=0&oe=utf-8&t6603390&txt=Search Engine | 199.21.148.88 |
hxxp://widgets.amung.us/small/00/5.png | 50.23.131.235 |
hxxp://b.yu0123456.com/newServing/searchTrack.php?nid=1&sid=608546&random=1272946821 | 199.21.148.88 |
hxxp://ads.clicksor.com/newServing/getkey.php?cb=getkey&ob=Yesup.clicksor.Code[0]&nid=1&pid=123&sid=123&spid=&ns=0&nw=1&zone=0&url=http://ubusiness.mooo.com/?adf&lb=0&ext=0&oe=utf-8&t6849067&txt= | |
hxxp://ib.adnxs.com/ttj?ttjb=1&bdc=1462581340&bdh=bxiHNrbxqB3D0FvXDFOBXa2qkIM.&&view_iv=0&view_pos=1260,87&view_ws=1260,846&view_vs=0&bdref=http://ubusiness.mooo.com/?adf&bdtop=true&bdifs=1&bstk=http://ubusiness.mooo.com/?adf,http://ubusiness.mooo.com/?adf&&id=6352664&size=160x600 | 37.252.163.145 |
hxxp://cdn3.iconfinder.com/static/cae879b830d3e826c649c3bac797a9ec/assets/fonts/Bariol/bariol_bold-webfont.eot? | 205.234.175.175 |
hxxp://b.yu0123456.com/newServing/searchTrack.php?nid=1&sid=608546&random=1319874333 | 199.21.148.88 |
hxxp://b.yu0123456.com/newServing/tracking_id.php?b=1&UID=14625813121068&TRSTR=1&RTID= | 199.21.148.88 |
hxxp://whos.amung.us/swidget/243dr2pd8x85 | 67.202.94.94 |
hxxp://ib.adnxs.com/ttj?id=6352664&size=728x90 | 37.252.163.145 |
hxxp://ib.adnxs.com/ttj?ttjb=1&bdc=1462581326&bdh=Z8SSENPr2SHxvITvRrIlcFyWNAE.&&view_iv=1&view_pos=630,87&view_ws=1260,846&view_vs=0&bdref=http://ubusiness.mooo.com/?adf&bdtop=true&bdifs=1&bstk=http://ubusiness.mooo.com/?adf,http://ubusiness.mooo.com/?adf&&id=6352664&size=300x250 | 37.252.163.145 |
hxxp://cdn1.iconfinder.com/static/1f64bd2a5a284b059e1b46d49b80d07d/assets/fonts/Agenda/agendamedium-webfont.eot? | 205.234.175.175 |
hxxp://ib.adnxs.com/ttj?ttjb=1&bdc=1462581326&bdh=Z8SSENPr2SHxvITvRrIlcFyWNAE.&&view_iv=0&view_pos=1260,87&view_ws=1260,846&view_vs=0&bdref=http://ubusiness.mooo.com/?adf&bdtop=true&bdifs=1&bstk=http://ubusiness.mooo.com/?adf,http://ubusiness.mooo.com/?adf&&id=6352664&size=160x600 | 37.252.163.145 |
hxxp://ib.adnxs.com/ttj?ttjb=1&bdc=1462581310&bdh=FRNkxNjmYcDUGd5OsbY7cYltcTw.&&view_iv=1&view_pos=0,87&view_ws=1260,846&view_vs=0&bdref=http://ubusiness.mooo.com/?adf&bdtop=true&bdifs=1&bstk=http://ubusiness.mooo.com/?adf,http://ubusiness.mooo.com/?adf&&id=6352664&size=300x600 | 37.252.163.145 |
hxxp://pl.intag.co/ttj?id=6352664&size=300x600 | 37.252.170.216 |
hxxp://pub.clicksor.net/newServing/img/banner/close_icon.png | 199.21.148.17 |
hxxp://cdn0.iconfinder.com/static/8634111c430e96728cfc4b5479de93e2/assets/img/blog/flat-icons/4/message-top.png | 205.234.175.175 |
hxxp://ib.adnxs.com/ttj?ttjb=1&bdc=1462581339&bdh=fplcskx6tFSRXq6INCJovESeEZs.&&view_iv=1&view_pos=0,87&view_ws=1260,846&view_vs=0&bdref=http://ubusiness.mooo.com/?adf&bdtop=true&bdifs=1&bstk=http://ubusiness.mooo.com/?adf,http://ubusiness.mooo.com/?adf&&id=6352664&size=300x600 | 37.252.163.145 |
hxxp://pub.clicksor.net/newServing/js/ui.js | 199.21.148.17 |
hxxp://ubusiness.mooo.com/?adf | 199.175.53.69 |
hxxp://b.yu0123456.com/newServing/searchTrack.php?nid=1&sid=608546&random=1617112507 | 199.21.148.88 |
gum.criteo.com | 178.250.2.67 |
IDS verdicts (Suricata alerts: Emerging Threats ET ruleset)
Traffic
Map
The Trojan connects to the servers at the folowing location(s):