home

br.keweek.com

China Capital Investment Limited

Domain Information

The domain br.keweek.com registered by China Capital Investment Limited was initially registered in November of 2015 through SOLUCIONES CORPORATIVAS IP,SLU. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Vitoria-Gasteiz, Pais Vasco within Spain which resides on the RIPE Network Coordination Centre network.
Registrar:
INTERWEB ADVERTISING D.B.A. PROFILE BUILDER

Server location:
Pais Vasco, Spain (ES)

Create date:
Saturday, November 7, 2015

Expires date:
Monday, November 7, 2016

Updated date:
Saturday, November 7, 2015

ASN:
AS57910 SCIP-AS Soluciones Corporativas IP, SL,ES

Root domain:
keweek.com

Whois:
3 keweek.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.AstroDeliveryFriedCookie.Y, PUP.installCore.FreeSoftware (M), PUP.InstallCore.Installer.Installer (M), PUP.Air Software.DownloadAssistant.Bundler (M), PUP.InstallCore.Installer (M), PUP.InstallCore.FC (M), PUP.InstallCore.FC.Installer (M), PUP.Air Software.Download.Bundler (M), PUP.Tightrope.Sanflex.Bundler (M), PUP.installCore.FreeSoft (M), PUP.Vittalia.Bundler (M), PUP.Air Software (M), PUP.Tightrope (M), PUP.installCore (M)
100.00%

Dr.Web
Trojan.InstallCore.15
2.86%

VIPRE Antivirus
Threat.4150696
2.86%

ESET NOD32
Win32/InstallCore.RO potentially unwanted application
2.86%

Malwarebytes
PUP.Optional.InstallCore
2.86%

K7 AntiVirus
Trojan
2.86%

Comodo Security
Application.Win32.InstallCore.RFPA
2.86%

Avira AntiVirus
ADWARE/InstallCore.Gen7
2.86%

AVG
Generic
2.86%

The domain br.keweek.com has been seen to resolve to the following 6 IP addresses.

192.230.92.93
192.230.92.93.ip.incapdns.net
August 6, 2016

199.83.132.93
199.83.132.93.ip.incapdns.net
June 26, 2016

104.130.124.96
April 2, 2016

50.56.220.58
50-56-220-58.static.cloud-ips.com
February 10, 2016

37.152.88.204
www.renewyourexpireddomain.com
September 21, 2015

93.189.33.11
rack6u11.hispaweb.net
November 1, 2014

File downloads found at URLs served by br.keweek.com.

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=5501471665586645405|10835|17421472631|87068533247|c|s|b|1s2|56106693551||s||pro printkey|20141021&tmuid=3c8b9292748c9ed3eff2885c1a064328  (installer_printkey-pro_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=4641241354110519611|10580|17421400151|3995143489|c|g|b|1t1|56106551711||s||san gta andreas|20141021&tmuid=701d0dd79ffb52830c5248ad3b9f3e48  (installer_gta_san_andreas_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=9614111296791659773|11042|17421483551|11998340043|c|s|b|1t1|56106717071||s||whatsapp|20141021&tmuid=5faf96dbea2e72690ab5325bdd6fa082  (installer_whatsapp_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=10393004818688054793|10734|17421517511|258755909|c|g|b|1t2|56106782711||s||mozilla firefox|20141021&tmuid=72d6286a759f6c3482c06675cf41c0c7  (installer_mozilla_firefox_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=6377512656355857060|10368|16052450949|49427307200|c|s|e|1t4|51915307989||s||bluestacks|20141021&tmuid=7a3a814d52fbcbcc92eb23aa390d7d4e  (installer_bluestacks_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=15548135014759002501|10139|17421430271|271831777|c|s|b|1t7|56106639551||s||reader adobe|20141021&tmuid=2381da1907ad0c8bcf3e0d64928dccc0  (installer_adobe_reader_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=12866137139739593884|10427|17421396311|2738706924|c|g|b|1t1|56106544271||s||baixar counter strike|20141021&tmuid=e8cdf01302dcbb35949e69e0d0eceaf4  (installer_counter_strike_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=13844956747573850887|10725|17421402911|12523780290|c|s|b|1t2|56106557231||s||minecraft|20141021&tmuid=af3a409687e4b05218b83dd8e2d07f57  (installer_minecraft_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=1077894774037473817|10137|17421478631|15635002|c|s|b|1t3|56106701351||s||download adobe photoshop|20141021&tmuid=3af77ba408faf4959e3dc06875a4c2ec  (installer_adobe_photoshop_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=17370197634746860667|11042|17421483551|11998340043|c|g|b|1s1|56106717071||s||whatsapp|20141021&tmuid=8231f9fdb08de53a59bb7905a8362ff2  (installer_whatsapp_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=8801355909034680122|11042|17421483551|11998340043|c|g|b|1s2|56106717071||s||whatsapp|20141021&tmuid=21333db7b6be41ce59a6664bd0056d8a  (installer_whatsapp_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=8880291555932338739|10725|18409941795|19928529742|c|g|p|1o2|54879363435||s||minecraft|20141021&tmuid=049567b23c5ab40649eeeac55ebdf967  (installer_minecraft_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=3574801985837888786|10612|17421515111|20969223|c|g|b|1t1|56106777911||s||explorer internet|20141021  (installer_internet_explorer_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=9095304454192380243|11042|17421483551|18626087857|c|s|b|1t2|55962971231||s||download whatsapp|20141021&tmuid=587cf6bba5e260ebb8887bbece0381a5  (installer_whatsapp_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=9279621776384989337|10859|17421406151|25459843477|c|s|b|1t1|56106563591||s||raidcall|20141021&tmuid=d58adfd3748103cbcc612ab6f2ee1b79  (installer_raidcall_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=9013061503340076237|10763|15488024097|2226428565|c|s|b|1t1|51498455457||s|| nero|20141021&tmuid=ebddbf575ac5cb70e63b94f008c0a17f  (installer_nero_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=10232635460654949954|10725|15487998537|63384477213|c|g|b|1t1|51498395817||s|| minecraft baixar|20141021&tmuid=310b48532529eba072afc5401b45ff43  (installer_minecraft_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=16920598426018628333|10324|15488103417|27986218436|c|s|b|1s1|51498652017||s|| catcher atube|20141021&tmuid=1622717593f31a12626d8f2d05c316d9  (installer_atube_catcher_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=12729464925371897303|10827|17421404831|87066147167|c|s|b|1t4|56106560951||s||zombies plant vs|20141021&tmuid=fe6870eb8d82bb5926295466fd0981dc  (installer_plant_vs__zombies_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=9728619241877003200|10814|17421475391|4087620092|c|s|b|1t4|56106694271||s||photoscape|20141021&tmuid=21318b89af10d762df776d7b47bf6fbd  (installer_photoscape_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=16248950881370260926|10427|18409935195|18843301|c|s|p|1t4|54879340155||s||counter strike|20141021&tmuid=5422851c89fe4d80907bbdf49c1e9c7b  (installer_counter_strike_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=16537061196541130326|10725|15487998537|63384477213|c|g|b|1t3|51498395817||s|| minecraft baixar|20141021&tmuid=21270175ab3de167749a8b5ef1a4fc04  (installer_minecraft_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=12434197989030962219|10965|17421522311|126011245|c|s|b|1t1|56106792311||s||download talk it|20141021&tmuid=f57782dd6d03e50f0b07622255d58c2a  (installer_talk_it_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=7836288744892855520|10309|15488102937|3028517936|c|s|b|1t4|51498649137||s|| ares|20141021&tmuid=d3395c70a7f27a128b3cbbcc20cc9a4f  (installer_ares_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=15548432822287215128|10580|15487984377|29889698614|c|g|b|1t2|51498411297||s|| gta san andreas baixar|20141021  (installer_gta_san_andreas_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=1876507117706238030|11058|17421473711|10394627|c|s|b|1s3|56106707951||s||windows movie maker|20141021&tmuid=74d3f0c44e614bbf9d06e1d1694ec132  (installer_windows_movie_maker_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=3057139050218140236|11025|17421498431|53904851156|c|g|b|1t1|56106745511||s||baixar virtual dj studio|20141021&tmuid=d4d77604ea35b3ebd685ad7ce0637c22  (installer_virtual_dj_studio_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=16060514333126393392|11025|17421498431|53904851156|c|g|b|1t1|56106745511||s||baixar virtual dj studio|20141021&tmuid=d4d77604ea35b3ebd685ad7ce0637c22  (installer_virtual_dj_studio_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=14363971226352836157|11042|17421483551|11998340043|c|g|b|1t2|56106717071||s||whatsapp|20141021&tmuid=9a4957f635355e0481e64e19e8d7d9f9  (installer_whatsapp_portuguese.exe)

1 / 68      (Adware)
http://br.keweek.com/.../download?p=tms&trckid=12127438332986599949|10734|17421517511|258755909|c|g|b|1t1|56106782711||s||mozilla firefox|20141021&tmuid=68c6eeb25961f0d7ae152b98b8fa4167  (installer_mozilla_firefox_portuguese.exe)

 
Latest 30 of 35 download URLs

The following 13 files have been seen to comunicate with br.keweek.com in live environments.

TCP » 104.130.124.96:443
translategenius.crx

TCP » 104.130.124.96:443
translategenius.crx

TCP » 104.130.124.96:443
translategenius.crx

TCP » 104.130.124.96:443
translategenius.crx

TCP » 37.152.88.204:80
setup.exe

TCP » 50.56.220.58:443
translategenius.crx

TCP » 50.56.220.58:443
translategenius.crx

TCP » 50.56.220.58:443
translategenius.crx

TCP » 50.56.220.58:443
translategenius.crx

TCP » 50.56.220.58:443
translategenius.crx

TCP » 50.56.220.58:443
translategenius.crx

TCP » 50.56.220.58:443
translategenius.crx

TCP » 50.56.220.58:443
translategenius.crx

URL:
http://br.keweek.com/

Web server:
nginx/1.8.1

Facebook:
Likes:  688

Statistics are for the previous month.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.