The domain bamba.theplaora.com is registered by proxy through ENOM, INC. and was originally registered in November of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Sherman Oaks, California, in the United States, on the Unitas Global LLC network.
Registrant: WHOISGUARD, INC.
Server location: California, United States (US)
Create date: Thursday, November 20, 2014
Expires date: Sunday, November 20, 2016
Updated date: Wednesday, November 18, 2015
ASN: AS4436 AS-GTT-4436 - nLayer Communications, Inc., US
Scanner detections: 56% detected

| Scan engine | Details | Detections |
| --- | --- | --- |
| Baidu Antivirus | Adware.Win32.PicColor, PUA.Win32.Generik, Adware.Win32.CouponMarvel, Adware.Win32.Conduit | 43.59% |
| Trend Micro House Call | TROJ_GEN.R0EAH09BD15, TROJ_GEN.R08NH09C815, Suspicious_GEN.F47V0405, Suspicious_GEN.F47V0222, Suspicious_GEN.F47V0526, Suspicious_GEN.F47V0527 | 38.46% |
| Emsisoft Anti-Malware | Gen:Variant.Adware.Graftor.171744, Gen:Variant.Jaik.6148, Gen:Variant.Graftor.177544, Gen:Variant.Graftor.178044, Trojan.GenericKD.2177847, Application.Agent.JN, Application.Generic.1543530, Application.Generic.1559169 | 35.90% |
| ESET NOD32 | Win32/Adware.PicColor.L application, Win32/Adware.PicColor.Q application, multiple threats, Win32/Adware.CouponMarvel.E application, Win32/Adware.PicColor.Z application | 33.33% |
| ESET NOD32 | Win32/Adware.PicColor (variant), Generik.CSUXREI potentially unwanted (variant), Win32/Adware.CouponMarvel, Win32/Adware.CouponMarvel (variant) | 33.33% |
| VIPRE Antivirus | Threat.4150696, Threat.5217618, Trojan.Win32.Generic, Conduit | 30.77% |
| IKARUS anti.virus | Trojan.SuspectCRC, PUA.CouponMarvel, PUA.ClientConnect | 30.77% |
| Fortinet FortiGate | Riskware/PicColor, Riskware/CouponMarvel, Riskware/Conduit_SearchProtect | 25.64% |
| Microsoft Security Essentials | Threat.Undefined | 25.64% |
| MicroWorld eScan | Gen:Variant.Adware.Graftor.171744, Gen:Variant.Jaik.6148, Gen:Variant.Graftor.177544, Gen:Variant.Graftor.178044, Trojan.GenericKD.2177847, Gen:Variant.Adware.Graftor.189558 | 23.08% |
| G Data | Gen:Variant.Adware.Graftor.171744, Gen:Variant.Jaik.6148, Gen:Variant.Graftor.177544, Gen:Variant.Graftor.178044, Trojan.GenericKD.2177847 | 23.08% |
| Bitdefender | Gen:Variant.Adware.Graftor.171744, Gen:Variant.Jaik.6148, Gen:Variant.Graftor.177544, Gen:Variant.Graftor.178044, Trojan.GenericKD.2177847 | 20.51% |
| F-Secure | Gen:Variant.Adware.Graftor.171744, Gen:Variant.Jaik.6148, Gen:Variant.Graftor.177544, Trojan.GenericKD.2177847, Gen:Variant.Application.Kazy | 17.95% |
| Reason Heuristics | Threat.Win.Reputation.IMP, PUP.OutBrowse (M), PUP.Conduit.Installer | 17.95% |
| avast! | Win32:Adware-gen [Adw], Dropper-gen [Drp], Win32:Conduit-B [PUP], Win32:Malware-gen | 17.95% |
The domain bamba.theplaora.com has been seen to resolve to the following IP address.
192-124-232-198.static.unitasglobal.net
February 6, 2016
File downloads found at URLs served by bamba.theplaora.com.
The following 41 files have been seen to communicate with bamba.theplaora.com in live environments.
URL: http://bamba.theplaora.com/
Web server: NetDNA-cache/2.2