home

app.mypdfconverter.com

Aedge Performance BCN, S.L.U.

Domain Information

The domain app.mypdfconverter.com registered by Isaac Goldstein was initially registered in January of 2016 through OVH. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Roubaix, Nord-Pas-De-Calais within France which resides on the RIPE Network Coordination Centre network. The domain is associated with the publisher Aedge Performance BCN, S.L.U. who is located in BARCELONA, Catalunya in Spain.
Registrar:
DROPCATCH.COM 753 LLC

Server location:
Nord-Pas-De-Calais, France (FR)

Create date:
Thursday, January 7, 2016

Expires date:
Saturday, January 7, 2017

Updated date:
Friday, January 8, 2016

ASN:
AS16276 OVH OVH SAS

Root domain:
mypdfconverter.com

Whois:
3 mypdfconverter.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Adedge, PUP.Installer.SecureDigitalServices, Threat.Adedge.Installer, PUP.Adedge.AedgePerformanceBCNU.Installer (M), PUP.Adedge.AedgePerformanceBCN.Installer (M), PUP.OfferBox.SecureDi.Installer (M), PUP.Adedge.AedgePer.Installer (M), PUP.Adedge (M)
100.00%

Trend Micro House Call
HV_ZYX_CA082DC6.TOMC
15.63%

herdProtect (fuzzy)
a variant of beb6a259e4273464f843e89214a1862ac0f75838
3.13%

The domain app.mypdfconverter.com has been seen to resolve to the following 8 IP addresses.

167.114.156.214
ns513839.ip-167-114-156.net
August 7, 2016

103.224.182.245
lb-182-245.above.com
February 13, 2016

178.33.88.175
w05.es2.aedn.eu
April 14, 2014

178.33.88.174
w04.es2.aedn.eu
April 14, 2014

178.33.88.173
w03.es2.aedn.eu
April 14, 2014

178.33.88.171
w01.es2.aedn.eu
April 14, 2014

178.33.88.178
w08.es2.aedn.eu
April 14, 2014

178.33.88.177
w07.es2.aedn.eu
April 14, 2014

File downloads found at URLs served by app.mypdfconverter.com.

1 / 68      (Adware)
http://app.mypdfconverter.com/download.php?ul=es&campaign=10286&tracker=1990&par1=240811  (mypdfconverter-setup.exe)

1 / 68      (Adware)
http://app.mypdfconverter.com/download.php?ul=fr&campaign=10308&tracker=1995&par1=200111  (mypdfconverter-setup.exe)

1 / 68      (PUP)
http://app.mypdfconverter.com/download.php?ul=es&campaign=10286&tracker=1990&par1=210910  (mypdfconverter-setup.exe)

1 / 68      (Adware)
http://app.mypdfconverter.com/download.php?ul=fr&campaign=10308&tracker=1995&par1=06092012  (mypdfconverter-setup.exe)

1 / 68      (Adware)
http://app.mypdfconverter.com/download.php?ul=es&campaign=14470&tracker=2841&par1=06092012  (mypdfconverter-setup.exe)

1 / 68      (Adware)
http://app.mypdfconverter.com/download.php?ul=es&campaign=14470&tracker=2841&par1=240811  (mypdfconverter-setup.exe)

1 / 68      (PUP)
http://app.mypdfconverter.com/download.php?ul=es&campaign=10286&tracker=1990&par1=121110  (mypdfconverter-setup.exe)

1 / 68      (Adware)
http://app.mypdfconverter.com/download.php?ul=fr&campaign=10308&tracker=1995&par1=021211  (mypdfconverter-setup.exe)

1 / 68      (Adware)
http://app.mypdfconverter.com/download.php?ul=es&campaign=10286&tracker=1990&par1=021211  (mypdfconverter-setup.exe)

1 / 68      (Adware)
http://app.mypdfconverter.com/download.php?ul=es&campaign=10286&tracker=1990&par1=160910  (mypdfconverter-setup.exe)

1 / 68      (Adware)
http://app.mypdfconverter.com/download.php?ul=br&campaign=13623&tracker=2614&par1=150611  (mypdfconverter-setup.exe)

3 / 68      (Adware)
http://app.mypdfconverter.com/download.php?ul=it&campaign=10297&tracker=1994&par1=240811  (mypdfconverter-setup.exe)

1 / 68      (PUP)
http://app.mypdfconverter.com/download.php?ul=fr&campaign=10308&tracker=1995&par1=140910  (mypdfconverter-setup.exe)

The following 82 files have been seen to comunicate with app.mypdfconverter.com in live environments.

TCP » 178.33.88.173:80
offerbox.exe (OfferBox by Aedge Performance BCN SL)

TCP » 178.33.88.173:80
offerboxhttpproxy.exe (OfferBoxHTTPProxy by Aedge Performance BCN SL)

TCP » 167.114.156.214:3333
webproxy.exe

TCP » 178.33.88.173:80
offerboxhttpproxy.exe (OfferBoxHTTPProxy by Aedge Performance BCN SL)

TCP » 178.33.88.173:80
offerbox.exe (OfferBox by Aedge Performance BCN SL)

TCP » 167.114.156.214:80
setup_info.exe

TCP » 178.33.88.173:80
OfferBox.exe (OfferBox by Secure Digital Services)

TCP » 178.33.88.173:80
offerbox.exe (OfferBox by Aedge Performance BCN SL)

TCP » 167.114.156.214:80
tencent.exe (by Tencent)

TCP » 167.114.156.214:80
rs.exe

TCP » 167.114.156.214:80
loader.exe (Updater by SOFTWARE AGILITY LIMITED)

TCP » 178.33.88.173:80
offerbox.exe (OfferBox by Aedge Performance BCN SL)

TCP » 167.114.156.214:80
win.exe (SendStat Module)

TCP » 178.33.88.173:80
Client.exe

TCP » 167.114.156.214:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 178.33.88.173:80
offerbox.exe (OfferBox by Aedge Performance BCN SL)

TCP » 167.114.156.214:80
ProxyFinder.EXE (Proxy Finder Enterprise Edition Application)

TCP » 167.114.156.214:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 178.33.88.173:80
offerboxhttpproxy.exe (OfferBoxHTTPProxy by Aedge Performance BCN SL)

TCP » 167.114.156.214:80
UCBrowser.exe (UC Browser by UCWeb)

 
Latest 20 of 95 files

URL:
http://app.mypdfconverter.com/

Title:
“mypdfconverter.com”

Web server:
Apache

spointer.com

offerbox.com

fissa.com

freetvradio.com

freecompressor.com

media-app.com

mytorrentclient.com

player-side.com

widestream6.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.