home

b.developean.in

N/A

Domain Information

The domain b.developean.in registered by N/A was initially registered in July of 2014 through Webiq Domains Solutions Pvt. Ltd. (R131-AFIN). Currently this domain has been known to host various forms of malware. The hosted servers are located in Portland, Oregon within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the US West (Oregon) region datacenter.
Registrar:
Webiq Domains Solutions Pvt. Ltd. (R131-AFIN)

Server location:
Oregon, United States (US)

Create date:
Wednesday, July 16, 2014

Expires date:
Thursday, July 16, 2015

Updated date:
Monday, September 22, 2014

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:
developean.in

Whois:
1 developean.in record

Google Safe Browsing:
unwanted

Scanner detections:
Malware distribution  (97% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.Win.Reputation.IMP, PUP.WebPick.RodionVeresev (M)
90.32%

Comodo Security
TrojWare.Win32.Agent.ASSP, Application.Win32.AdWare.MultiPlug.VA, TrojWare.Win32.Spy.E
32.26%

Rising Antivirus
PE:Worm.Autorun!1.9EE3, PE:Malware.XPACK-HIE/Heur!1.9C48, PE:Trojan.Win32.Generic.12A95919!313088281, PE:AdWare.Win32.MultiPlug.s!1075356738
32.26%

Emsisoft Anti-Malware
Gen:Variant.Adware.Mikey.8516, Trojan.Generic.KDV.391478, Win32.Runouce.B@mm
32.26%

ESET NOD32
Win32/Adware.MultiPlug.FC application, Win32/Adware.MultiPlug.FK application, Win32/Adware.MultiPlug.FA application, Win32/AutoRun.Delf.LV worm
32.26%

McAfee
MultiPlug-FWG, Trojan.PWS-Zbot.gen.ep, Program.MultiPlug-FWG, Virus.W32/Tainp.a
32.26%

F-Prot
W32/S-c684d5f4, W32/S-4ef98cc5, W32/MultiPlug.H.gen, W32/Autorun.ZF, W32/Thecid.B@mm
32.26%

AVG
Generic6, Generic_r, Adware Generic_r.AAD, Worm/Delf.KKJ, Adware Generic6.SVC, Win32/Chir.B@mm
32.26%

Lavasoft Ad-Aware
Gen:Variant.Adware.Mikey.8516, Trojan.Generic.KDV.391478
29.03%

F-Secure
Gen:Variant.Adware.Mikey.8516, Trojan.Generic.KDV.391478
29.03%

MicroWorld eScan
Gen:Variant.Adware.Mikey.8516, Trojan.Generic.KDV.391478
29.03%

K7 AntiVirus
Unwanted-Program , Virus
29.03%

Bitdefender
Gen:Variant.Adware.Mikey.8516, Trojan.Generic.KDV.391478
29.03%

G Data
Gen:Variant.Adware.Mikey.8516, Trojan.Generic.KDV.391478
29.03%

AhnLab V3 Security
PUP/Win32.MultiPlug, Malware/Win32.Renamer
29.03%

The domain b.developean.in has been seen to resolve to the following 2 IP addresses.

54.69.228.231
ec2-54-69-228-231.us-west-2.compute.amazonaws.com
May 5, 2015

54.149.241.47
ec2-54-149-241-47.us-west-2.compute.amazonaws.com
May 5, 2015

File downloads found at URLs served by b.developean.in.

1 / 68      (Malware)
http://b.developean.in/v3500?self_redirect=0&product_name=Um Barril De Rap - A Fantástica Fabrica De Charlates.mp3&product_title=Um Barril De Rap - A Fantástica Fabrica De Charlates.mp3&product_file_name=Um Barril De Rap - A Fantástica Fabrica De Charlates.mp3&installer_file_name=Um Barril De Rap - A Fantástica Fabrica De Charlates.mp3&product_download_url=http://srv67.vidtomp3.com/download/.../Um Barril De Rap - A Fantástica Fabrica De Charlates.mp3  (um barril de rap - a fantstica fabrica de charlates.exe)

1 / 68      (Malware)
http://b.developean.in/v2606?self_redirect=0&product_name=ALEX - KVÃ?LI TAKÝM JAK SI TY.mp3&product_title=ALEX - KVÃ?LI TAKÝM JAK SI TY.mp3&product_file_name=ALEX - KVÃ?LI TAKÝM JAK SI TY.mp3&installer_file_name=ALEX - KVÃ?LI TAKÝM JAK SI TY.mp3&product_download_url=http://srv33.listentoyoutube.com/download/.../ALEX - KVÃ?LI TAKÝM JAK SI TY.mp3  (alex - kvli takm jak si ty.exe)

2 / 68
http://b.developean.in/v377?self_redirect=0&product_name=Shortcut Virus Remover v3.1&product_title=Shortcut Virus Remover v3.1&product_file_name=Shortcut Virus Remover v3.1.exe&installer_file_name=Shortcut Virus Remover v3.1&product_download_url=http://.../get.php?file=8b016077&m  (bc1c264165ec26eda413024ae079341e)

1 / 68      (Malware)
http://b.developean.in/hp/?q= fjAtGce8sXmMOQIKEucGmp/hIdX0baS/1E7RyAjK/7b5YysuKf/If0Q1WnhYSQABnm6AOrmjiX9NhvJCBEN XxT0v4PlAYz52t/q1tBcCheDpTQbPCvvHdd8gFPWOtLtuhQzWfl3xeslJ7Ft7yJROGRkHIt8ukqkeHD5WfDZ0pwCLGRLXwb7PCDWC0O7BRdtDyZ1NNLav7ZUQzgJebIegJZDBaI8rKc1j6T8iBVgDiVH0gf5Yootx zbOMOa/JSraH34pRzKATniZaNZLrmuq4sKhGxHAryaTlHRssbWRiEW3b5tL2FdRozCXHYeIZzOWDhcCB7rC0h1y6iN8oRr0RHATXpyGs Xq2oc0W8jI5es6GrE4R gyDvf9dcwStbq6AiJ3qqBF8CX9IIg9MRKc9hxuFYicwP87g3Rq3WbeHW7x4gciaIyOrfOQeSV7jJ1UD4LLE0m0jXJ8zV/d/ptnAs98I9yC1360XJi5p oWAWwb7//Lp8ug4a3AmQFV D6gqu gpGjl951KiaT604gK0SFtbO8LpvSab6hBkpbKSHitd8EHh69lgiIcuSeSIKSMJFUNIfrD0AnHGwG7jLh7Xnrqysl3dvP/nUg0pnGobuSx/qKz15FVfc/KBOxZHue74gRQgeHxT40xSEB0EgGnSCuFBDmPkIBAd0dhqk0jbVn6CbpLhzwr/ammGtGKxi2UhOhxU8fQOyri1fWonlfSFF9BgZPPOVhzVm0 HDTW8M0lnP8ydD7yz65uAhB4mVfHJdbnBN0SJGQJRiX6vVBsOIny rEGf6ypRrlffxYy27fTEgXWGsEykVV10YlYBU7ImOkmh0DxxqFezt5HvAYMkbsbyTGVbbf3kqirh19oylmToOK06y2E92/.../LmEbX0G37oZwoIe9jadOHWpvpxfU  (gotye_somebody_that_i_used_to_know_feat_kimbra_official_video.exe)

1 / 68      (Malware)
http://b.developean.in/hp/?q=UZDKedg3ijWadefABCV5CxgkgborOwXpabHH50LkMlgH2hXSoab/Jyp0xxioBbHchmTupNKVYkXy3XGM2hN8q4q2jgOzEu02jMgTZ5BAU8PCUv82xXWlICswd4IXw0Lgiwvse717Do84PoAkOxHIdbtOWpEhh BV2Vteb5aGqAuI2IwpXMp4/b6r2pAYapFaZTqDvF92ioJvG35XWRuoyyVOJh9B/I2T/m6uAQkiF8v59OtKhFHt0NbbT51UZbdB5IHi7Ats2Ea9liMqeJZuBn9iznzvVAvxNU0B5VGI/YAa7bB3ja4cyp/Glnqc22LN3xzoMrhNFk1Hj9yZ46h1VHuH0rRX9D8mj2JcTBTK7Y qgqrfrVQPGCFL8xvMfJGOnMSWy88eK3Ah1X6jsZCr6gm40vlIKF7sikiyqiLke1q1ferkp1R9 UUsTAM4cH1wjcIZwg5lJJ6jHKdGUxcnxrGTRgdwsHuG8TL AaDu2FaNXBy2daUpBVdu7YNS8Efg 7CG0SVdonKGP1SZEmg1sOnbQmIEujDJURCS/6FntBnjHCN6zYznGJ0bgPc7o RVusE1f2 oi4z0PxWGuXacwvgvVEDOuKODC31qoCSUgP88NGQhzUEbebfE4I/K/dJU/wPKu /6fXHvx0pokHSjB25nYu0vJIAT6roK35EqE4aLDhk5AQ/h15h2rd6QoCDvMoCvTrlh8W4tnwaTOur4BqMhzosqdaeOZJfDLozU/ SmbDJfDo3/O6Ei5Uaw7gjotRFtifcbCRWba9P/RheF Up9CKHdY CXiGUacJTZzZmyhIqFi4H/vo1uTAWt6gpq bNsAYsQ9qhYSha2/.../WDRz6Jb4q fxJVtCTHlSqgqEpSwopMEmwbeJpiThbmxjToatvF9uLFmQSNsSLukE9L9FJgA  (the_scientist_coldplay_traducida_al_espanol_subtitulada.exe)

1 / 68      (Malware)
http://b.developean.in/download/v377?self_redirect=0&installer_file_name=Chew WGA 0.9&product_file_name=Chew WGA 0.9.exe&product_title=Chew WGA 0.9&product_download_url=http://.../get.php?file=eb0c22c6&m&product_name=Chew WGA 0.9&st=0&IX_Startapp=1&self_redirect=0&project_name=DataFileHost&filesize=&layout_id=8&for_html_installer=1&uuid=Cpd7ZXllfEfU2BqfhnJmVyQL1cKw27vhQKD2U7MlonZJmUI7Xy9JgoNFbQmCPqHdrJ0xxQLrt5845kdTsf31gZU3bScXTe9JuwD8MRY4J38FxUH5finBXkDSWwuloNiP8RvsV3W3HqJvajVKYXpIDO24frZvuY3UkzoWHfAvcaQwZscwYw2XBQvUWH72UUGfLNGcWczDeiqkCN2W6SUrspgvqTEQgwrFgPb1DuhnOoHqgDxHVViPai4vxmTOLHlCjSIMw04nIuVGy9yW4tQykKA92PhbiCjPtUBON9nIBHdekiQYE8IQj7BcYUsmlxbrYU6lQGZEMnT71DcRgCNzRadueQGBFJdUR4FnIcK7JR1v6FY1N8gTt08onRIMNlwzod0OrLahRuMsdDmrQ4LGlKHzLWgZvWnbysR7WCGVK6XZOfrKAogLFf6q1I9hNzABwPNQ0SzgKX2KJFgnqO88M74vvRiW5sCxXE65b6JP8ozxofLvam7BuzCr6C8qregB1wYVZ7dQFD36XEH0pVa1qaqPX48oHgaNywLkuxOU8yEseQcFNldO2Dlp1x1wXzi01S2uH3OyAp2RFAqRlEe1wrd46BeY8QL4FNQSDsT0gQqFIrlWrUge81urFIytjVkbM61w  (bd9121a9cb73e9babaca50cc80147603)

1 / 68      (Malware)
http://b.developean.in/v2606?self_redirect=0&product_name=Annie OST(2014) - Tomorrow.mp3&product_title=Annie OST(2014) - Tomorrow.mp3&product_file_name=Annie OST(2014) - Tomorrow.mp3&installer_file_name=Annie OST(2014) - Tomorrow.mp3&product_download_url=http://srv48.listentoyoutube.com/download/.../Annie OST(2014) - Tomorrow.mp3  (annie ost - tomorrow.exe)

1 / 68      (Malware)
http://b.developean.in/v377?self_redirect=0&product_name=Autoposted script&product_title=Autoposted script&product_file_name=Autoposted script.exe&installer_file_name=Autoposted script&product_download_url=http://.../get.php?file=ef8087d8&m  (99c4e21ea6269187d3f740eb72e02715)

1 / 68      (Malware)
http://b.developean.in/v3500?self_redirect=0&product_name=ManGoRise - Esély 2014 (FULL HD).mp3&product_title=ManGoRise - Esély 2014 (FULL HD).mp3&product_file_name=ManGoRise - Esély 2014 (FULL HD).mp3&installer_file_name=ManGoRise - Esély 2014 (FULL HD).mp3&product_download_url=http://srv80.vidtomp3.com/download/.../ManGoRise - Esély 2014 (FULL HD).mp3  (mangorise - esly 2014 (full hd).exe)

1 / 68      (Malware)
http://b.developean.in/v2606?self_redirect=0&product_name=Gorillaz - Clint Eastwood.mp3&product_title=Gorillaz - Clint Eastwood.mp3&product_file_name=Gorillaz - Clint Eastwood.mp3&installer_file_name=Gorillaz - Clint Eastwood.mp3&product_download_url=http://srv50.listentoyoutube.com/download/4pyabW9mnK6npa9tlt UbGtlnWhmZGpt4q/.../Gorillaz - Clint Eastwood.mp3  (gorillaz - clint eastwood.exe)

1 / 68      (Malware)
http://b.developean.in/v3500?self_redirect=0&product_name=Canciones de la granja - canciones infantiles.mp3&product_title=Canciones de la granja - canciones infantiles.mp3&product_file_name=Canciones de la granja - canciones infantiles.mp3&installer_file_name=Canciones de la granja - canciones infantiles.mp3&product_download_url=http://srv48.vidtomp3.com/download/.../Canciones de la granja - canciones infantiles.mp3  (canciones de la granja - canciones infantiles.exe)

1 / 68      (Malware)
http://b.developean.in/v377?self_redirect=0&product_name=Chew WGA 0.9&product_title=Chew WGA 0.9&product_file_name=Chew WGA 0.9.exe&installer_file_name=Chew WGA 0.9&product_download_url=http://.../get.php?file=eb0c22c6&m  (6f85b5ff8b669c326f4a67cabd899dea)

1 / 68      (Malware)
http://b.developean.in/v3500?self_redirect=0&product_name=Röyksopp & Susanne Sundfør ? Running To The Sea (Studio Version).mp3&product_title=Röyksopp & Susanne Sundfør ? Running To The Sea (Studio Version).mp3&product_file_name=Röyksopp & Susanne Sundfør ? Running To The Sea (Studio Version).mp3&installer_file_name=Röyksopp & Susanne Sundfør ? Running To The Sea (Studio Version).mp3&product_download_url=http://srv78.vidtomp3.com/download/.../Röyksopp & Susanne Sundfør ? Running To The Sea (Studio Version).mp3  (ryksopp & susanne sundfr _ running to the sea (studio version).exe)

1 / 68      (Malware)
http://b.developean.in/v2606?self_redirect=0&product_name=Explanation of hadeeth: " Indeed Actions are but by Intentions..." - Uwais at-taweel.mp3&product_title=Explanation of hadeeth: " Indeed Actions are but by Intentions..." - Uwais at-taweel.mp3&product_file_name=Explanation of hadeeth: " Indeed Actions are but by Intentions..." - Uwais at-taweel.mp3&installer_file_name=Explanation of hadeeth: " Indeed Actions are but by Intentions..." - Uwais at-taweel.mp3&product_download_url=http://srv39.listentoyoutube.com/download/.../Explanation of hadeeth: " Indeed Actions are but by Intentions..." - Uwais at-taweel.mp3  (explanation of hadeeth_ - indeed actions are but by intentions...- - uwais at-taweel.exe)

10 / 68    (PUP)
http://b.developean.in/v3500?self_redirect=0&product_name=3 ساعات Ù?Ù? أجÙ?Ù? Ù? أرÙ?ع اÙ?Ø£Ù?اشÙ?د - Ø£Ù?اشÙ?د Ù?ادئÙ? بدÙ?Ù? Ù?Ù?سÙ?Ù?Ù?.mp3&product_title=3 ساعات Ù?Ù? أجÙ?Ù? Ù? أرÙ?ع اÙ?Ø£Ù?اشÙ?د - Ø£Ù?اشÙ?د Ù?ادئÙ? بدÙ?Ù? Ù?Ù?سÙ?Ù?Ù?.mp3&product_file_name=3 ساعات Ù?Ù? أجÙ?Ù? Ù? أرÙ?ع اÙ?Ø£Ù?اشÙ?د - Ø£Ù?اشÙ?د Ù?ادئÙ? بدÙ?Ù? Ù?Ù?سÙ?Ù?Ù?.mp3&installer_file_name=3 ساعات Ù?Ù? أجÙ?Ù? Ù? أرÙ?ع اÙ?Ø£Ù?اشÙ?د - Ø£Ù?اشÙ?د Ù?ادئÙ? بدÙ?Ù? Ù?Ù?سÙ?Ù?Ù?.mp3&product_download_url=http://srv54.vidtomp3.com/download/.../3 ساعات Ù?Ù? أجÙ?Ù? Ù? أرÙ?ع اÙ?Ø£Ù?اشÙ?د - Ø£Ù?اشÙ?د Ù?ادئÙ? بدÙ?Ù? Ù?Ù?سÙ?Ù?Ù?.mp3  (3 - .exe)

1 / 68      (Malware)
http://b.developean.in/v377?self_redirect=0&product_name=??????? ??????&product_title=??????? ??????&product_file_name=??????? ??????.exe&installer_file_name=??????? ??????&product_download_url=http://.../get.php?file=220690ce&m  (8947e080cce7245085f7ef1704bfc06e)

1 / 68      (Malware)
http://b.developean.in/v3500?self_redirect=0&product_name=Chiara - Straordinario.mp3&product_title=Chiara - Straordinario.mp3&product_file_name=Chiara - Straordinario.mp3&installer_file_name=Chiara - Straordinario.mp3&product_download_url=http://srv78.vidtomp3.com/download/.../Chiara - Straordinario.mp3  (chiara - straordinario.exe)

1 / 68      (Malware)
http://b.developean.in/v2606?self_redirect=0&product_name=Legend.mp3&product_title=Legend.mp3&product_file_name=Legend.mp3&installer_file_name=Legend.mp3&product_download_url=http://srv44.listentoyoutube.com/download/.../Legend.mp3  (legend.exe)

1 / 68      (Adware)
http://b.developean.in/v2356?product_name=TusFiles&filesize=2.0 MB&product_title=11071-1.rar&installer_file_name=11071-1.rar&product_file_name=11071-1.rar&product_download_url=http://k.tusfiles.net/d/.../11071-1.rar  (11071-1.rar.exe)

1 / 68      (Malware)
http://b.developean.in/v377?self_redirect=0&product_name=AVTECH Video Viewer 0.1.9.9 www.remo-xp.com&product_title=AVTECH Video Viewer 0.1.9.9 www.remo-xp.com&product_file_name=AVTECH Video Viewer 0.1.9.9 www.remo-xp.com.exe&installer_file_name=AVTECH Video Viewer 0.1.9.9 www.remo-xp.com&product_download_url=http://.../get.php?file=aa4dd9df&m  (1d94eed9fcade11ed3c3de7516fdf043)

1 / 68      (Malware)
http://b.developean.in/v2606?self_redirect=0&product_name=melba moore - livin for your love.mp3&product_title=melba moore - livin for your love.mp3&product_file_name=melba moore - livin for your love.mp3&installer_file_name=melba moore - livin for your love.mp3&product_download_url=http://srv50.listentoyoutube.com/download/.../melba moore - livin for your love.mp3  (melba moore - livin for your love.exe)

22 / 68    (PUP)
http://b.developean.in/download/v3500?self_redirect=0&installer_file_name=Top Dubstep Drops - Epic Motivational Mix (Powered edition).mp3&product_file_name=Top Dubstep Drops - Epic Motivational Mix (Powered edition).mp3&product_title=Top Dubstep Drops - Epic Motivational Mix (Powered edition).mp3&product_download_url=http://srv39.vidtomp3.com/download/4pqVbm1moGVsr6yq3JactGpkmmdoZHFunpPfjqKU3KGho2w=/Top Dubstep Drops - Epic Motivational Mix (Powered edition).mp3&product_name=Top Dubstep Drops - Epic Motivational Mix (Powered edition).mp3&st=0&IX_Startapp=1&self_redirect=0&for_html_installer=1&layout_id=8&project_name=VidToMP3&filesize=&reffer=http://.../&uuid=LWLUHLSI3MyEs9Tg1dh3Je1z4Cvhkh4BJQtooCOu1OusCqxvxhfja6j38WxxWVx4ENcrr3Q5f8dr9cKTbYnX4D5SkTCVLVSHYbX71P1Z5qL2LWg2RkISVFnFxx158W9enm7zHVENnO3sDfFOdRLziJnMdW1nuMKjazjyahEjqe6X1gmk6hl2Uhn58aClP2ZZXo10arc7fIRX5Yd62BRzeUtbkVjT21XSkkOcsYuWYyV3caykPLgzG1QGu7tb2QwcWHLOTUVZcIqmBv19AqEnn  (top dubstep drops - epic motivational mix (powered edition).exe)

22 / 68    (PUP)
http://b.developean.in/v3500?self_redirect=0&product_name=Top Dubstep Drops - Epic Motivational Mix (Powered edition).mp3&product_title=Top Dubstep Drops - Epic Motivational Mix (Powered edition).mp3&product_file_name=Top Dubstep Drops - Epic Motivational Mix (Powered edition).mp3&installer_file_name=Top Dubstep Drops - Epic Motivational Mix (Powered edition).mp3&product_download_url=http://srv39.vidtomp3.com/download/.../Top Dubstep Drops - Epic Motivational Mix (Powered edition).mp3  (top dubstep drops - epic motivational mix (powered edition).exe)

25 / 68    (PUP)
http://b.developean.in/v377?self_redirect=0&product_name=fileSysCheck&product_title=fileSysCheck&product_file_name=fileSysCheck.exe&installer_file_name=fileSysCheck&product_download_url=http://.../get.php?file=274c7d6a&m  (c48ed0d87bfbdc29871b754af90ecb52)

22 / 68    (PUP)
http://b.developean.in/v377?self_redirect=0&product_name=Unlock.Root.Pro.v4.1.2.Incl.Serial-P2P&product_title=Unlock.Root.Pro.v4.1.2.Incl.Serial-P2P&product_file_name=Unlock.Root.Pro.v4.1.2.Incl.Serial-P2P.exe&installer_file_name=Unlock.Root.Pro.v4.1.2.Incl.Serial-P2P&product_download_url=http://.../get.php?file=fc7ab5b2&m  (unlock.root.pro.v4.1.2.incl.serial-p2p_2014.exe)

22 / 68    (PUP)
http://b.developean.in/v377?self_redirect=0&product_name=BAGAS31 - Activation Dll-Files-Fixer&product_title=BAGAS31 - Activation Dll-Files-Fixer&product_file_name=BAGAS31 - Activation Dll-Files-Fixer.exe&installer_file_name=BAGAS31 - Activation Dll-Files-Fixer&product_download_url=http://.../get.php?file=b93fb993&m  (655b34ddc7fc1b533de6a5a9a39f669d)

22 / 68    (PUP)
http://b.developean.in/v2606?self_redirect=0&product_name=Refreshing Elevator music.mp3&product_title=Refreshing Elevator music.mp3&product_file_name=Refreshing Elevator music.mp3&installer_file_name=Refreshing Elevator music.mp3&product_download_url=http://srv65.listentoyoutube.com/download/.../Refreshing Elevator music.mp3  (refreshing elevator music.exe)

23 / 68    (PUP)
http://b.developean.in/v3500?self_redirect=0&product_name=This Is Why I Grind - Greatest Motivation ?? ft. Eric Thomas & Les Brown.mp3&product_title=This Is Why I Grind - Greatest Motivation ?? ft. Eric Thomas & Les Brown.mp3&product_file_name=This Is Why I Grind - Greatest Motivation ?? ft. Eric Thomas & Les Brown.mp3&installer_file_name=This Is Why I Grind - Greatest Motivation ?? ft. Eric Thomas & Les Brown.mp3&product_download_url=http://srv62.vidtomp3.com/download/.../This Is Why I Grind - Greatest Motivation ?? ft. Eric Thomas & Les Brown.mp3  (this is why i grind - greatest motivation __ ft. eric thomas & les brown.exe)

37 / 68    (Malware)
http://b.developean.in/v377?self_redirect=0&product_name=wrar-x32-420&product_title=wrar-x32-420&product_file_name=wrar-x32-420.exe&installer_file_name=wrar-x32-420&product_download_url=http://.../get.php?file=17206913&m  (bb58e93feba2c64e9324a6f958930c1d)

20 / 68    (PUP)
http://b.developean.in/v377?self_redirect=0&product_name=Allway Sync Pro 11.7.0 Portable&product_title=Allway Sync Pro 11.7.0 Portable&product_file_name=Allway Sync Pro 11.7.0 Portable.exe&installer_file_name=Allway Sync Pro 11.7.0 Portable&product_download_url=http://.../get.php?file=60dfee42&m  (e846e9a5981b8733bacad9f1b92f07b5)

 
Latest 30 of 32 download URLs

The following 3 files have been seen to comunicate with b.developean.in in live environments.

TCP » 54.149.241.47:80
papers please v1.0.41 setup.exe

TCP » 54.149.241.47:80
installer_game develop.exe

TCP » 54.69.228.231:80
download.exe

URL:
http://b.developean.in/

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
openresty

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.