» cdn.directbuildqueue.com
Overview
Analysis
IPs Addresses (1)
Downloads (3)
Network (28)

cdn.directbuildqueue.com

Domain Information

Server location:

Florida, United States (US)

ASN:

AS32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Prolexic Technologies, Inc.,US

Root domain:

directbuildqueue.com

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Optional.NewITSolutions.Meta (L), PUP.InstallCore.FC.Installer (M), PUP.InstallCore.FC (M)

100.00%

The domain cdn.directbuildqueue.com has been seen to resolve to the following IP address.

unknown.prolexic.com

May 17, 2016

File downloads found at URLs served by cdn.directbuildqueue.com.

1 / 68 (Adware)

http://cdn.directbuildqueue.com/c?x=x9LeKE70OpjXuXSftCm4BZmeX8wWRLlcLuRVqMTRyH8=&c=O2qeqhBsghBZmAx3Wa01Jqm5QOSoB5HJVsByrb8oEpy8vumaZMExn4TPUEWPa3ez1Xf9xi8PKXikXJUVonZJow==&fallback_url=http://onlineradiotuner.com/.../Setup.exe (online-radio-tuner-2-5-5242-18432-32-bits.exe)

1 / 68 (Adware)

http://cdn.directbuildqueue.com/c?x= KBxejrrbYNmUYP8H7rd/idPYYbUe4yKmA6SZZkcmC4=&c=EKTJbFxrTeu2jCVs80YKoHcP/ue6Ov6R/hebXH/MLZaGc7K0ZNXirK3HteoEwnICF3U04b5mvvJhLYSXhrWAJQ==&downloadAs=recuva-32-bits.exe&fallback_url=https://secure.piriform.com/.../cookie?affiliate=15457 (e9e9e6d2c651616c9fed97c8f94bf829)

1 / 68 (PUP)

http://cdn.directbuildqueue.com/c?x=OwHsFaBquudlRE03JtbzdxkOAJrd3mvHpZjLM/6AxSk=&c=DV0tlk8on8js4gQvJeB0RDWEqyg9oYys1E2fVKqlnYEdhmjoTt3TzuGu7ZS3JNRQVWlltDtxhAqj7SIQrGUm Q==&fallback_url=http://dc730.4shared.com/download/.../4shared_Desktop_401126402.exe (4shared_desktop_4.0.11.26402.exe)

The following 28 files have been seen to comunicate with cdn.directbuildqueue.com in live environments.

TCP » 72.52.4.119:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 72.52.4.119:80

TBNotifier.exe (Ask TBNotifier by APN)

TCP » 72.52.4.119:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 72.52.4.119:80

ContentFinder.exe (ContentFinder by ContentFinder Software)

TCP » 72.52.4.119:80

online-guardian-v2.0.9.exe

TCP » 72.52.4.119:80

TCP » 72.52.4.119:80

uran.exe (Uran by uCoz Media and Chromium Authors)

TCP » 72.52.4.119:80

autorun.exe (SoftFullDownload.blogspot.com)

TCP » 72.52.4.119:80

hbpzabffmyx.exe

TCP » 72.52.4.119:80

cpx.exe (Google Embedded Application)

TCP » 72.52.4.119:80

TCP » 72.52.4.119:80

TCP » 72.52.4.119:25

TCP » 72.52.4.119:25

TCP » 72.52.4.119:80

TCP » 72.52.4.119:80

TCP » 72.52.4.119:80

websiterecommendation_2_2.crx

TCP » 72.52.4.119:80

fanaticoonline.crx

TCP » 72.52.4.119:25

tiddiszagtor.exe (Faster Aids Manager by XIGMATEK)

TCP » 72.52.4.119:326

Latest 20 of 33 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.