home

cdn.instalkifastandcleandownloads.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
instalkifastandcleandownloads.com

Scanner detections:
Detections  (89% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.installCore.NewSoftwareMarekLubasMateuszPonikowski.Installer (M), PUP.installCore.NewSoftw.Installer (M)
66.67%

Dr.Web
Trojan.InstallCore.457
22.22%

ESET NOD32
Win32/InstallCore.YH potentially unwanted application
22.22%

K7 AntiVirus
Unwanted-Program
22.22%

Baidu Antivirus
Adware.Win32.InstallCore
22.22%

herdProtect (fuzzy)
a variant of db21af8d034078775431c7d1153bd2cdf5c517dc
22.22%

VIPRE Antivirus
Threat.4150696
22.22%

AVG
Adware InstallCore
22.22%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A
11.11%

F-Secure
Application:W32/Generic.70053c248f!Online
11.11%

The domain cdn.instalkifastandcleandownloads.com has been seen to resolve to the following 11 IP addresses.

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 17, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 17, 2016

52.26.95.11
ec2-52-26-95-11.us-west-2.compute.amazonaws.com
April 20, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
April 20, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
April 20, 2016

54.191.37.5
ec2-54-191-37-5.us-west-2.compute.amazonaws.com
April 2, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
April 2, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
April 2, 2016

52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
April 2, 2016

52.34.170.106
ec2-52-34-170-106.us-west-2.compute.amazonaws.com
April 2, 2016

52.25.23.136
ec2-52-25-23-136.us-west-2.compute.amazonaws.com
April 2, 2016

File downloads found at URLs served by cdn.instalkifastandcleandownloads.com.

1 / 68      (Adware)
http://cdn.instalkifastandcleandownloads.com/c?x=tSoAqR1jwT7 iNKGy0PknyPzJEhgvxzhXeHlyWBkpfI=&c=DH4aqrd6FK0JM6iA5kgaJ5zSVCqvk5kTFtm4lanMwzItewanyhZEKSC52LdcnNVnINXqDrfMNv4arqsmiIi7Rg==&downloadAs=pobierz_Scratch_V1.4.exe&fallback_url=http://.../  (19ffd4c7a598155b6109a22c0b5b8b8d)

1 / 68      (Adware)
http://cdn.instalkifastandcleandownloads.com/c?x=zJg4dSPDu6qHEutNa5ngXuAwJlXkvMQAK16ljrOEtE4=&c=zBrOJv55rHR07Wq2R2KISxKFsJv LSR 70FCPfMCSW1gvniJUWtISgLzEfNhbSRTw4buYaKU40ucagP p1scMw==&downloadAs=pobierz_Utorrent_V3.4.2.exe&fallback_url=http://.../  (5be80c596e1e0a117b9e8395bbecb283)

2 / 68      (false positives)
http://cdn.instalkifastandcleandownloads.com/c?x=GY5OmX/PPswdooYDm7ZqHwe92StwuKOikc5t4cW96BA=&c=1l5ivhO5mZNqDQnLz7iG1PpdBGJS2RiOPjH1h/ZU9pMy5hbc7HiXnLe5cCtoSLuPynBnC2xiNyQUkC5DSvhNsQ==&downloadAs=pobierz_Winrar_32-bit_wersja_stabilna_V5.21.exe&fallback_url=http://.../  (wrar420.exe)

7 / 68      (Adware)
http://cdn.instalkifastandcleandownloads.com/c?x=a78CeDqR7NMzmJFELCTrgbkiJSNMo 2yh7NeG/q vvQ=&c=2pH0F4WWRtxg/MBwnnFfFK9fAo/mmQdc4MK7eSgjEHYQrDpTG H3eIVqffI14FysZv2L9vnCT3UhhTC7QplJKA==&downloadAs=pobierz_Minecraft_windows_V1.8.3.exe&fallback_url=http://.../test.exe  (d6605e97567b13389ab43800e205b58c)

1 / 68      (Adware)
http://cdn.instalkifastandcleandownloads.com/c?x=INlqDep Lj1j6yIzJJWZJYJmunssa09HxiNcNQFyMok=&c=5GVzI6IjT06jRKegsBy5HtGN8rg3kS0ypboWfiiTg9NunyA3S4wTdWnVeRMRVS bp rjUqbltjOIzAMNEbMU5g==&downloadAs=pobierz_Bearshare_V12.0.0.135802.exe&fallback_url=http://.../  (69c5366d55b86af86943d7fa90e5c837)

1 / 68      (Adware)
http://cdn.instalkifastandcleandownloads.com/c?x=cBFyWlhzsYW3nY8ebp42Oh/ED7884zFtRKmraBYkG0Q=&c=sQnGu0vxUJsv3b/LS5LCE77CRN5Ak jlis0QDgaPegnmzrWWFKPRabHp17YaXTY4DoMGFGKIqYXId5ZYVLhIuA==&downloadAs=pobierz_Angry_birds_V4.0.0.exe&fallback_url=http://.../test.exe  (99b79bfe3db677d3d50e23c9f7ba5475)

1 / 68      (Adware)
http://cdn.instalkifastandcleandownloads.com/c?x=t/0lxp3JjByTajWxUk11Ii/Kswr1AWQdHwe0YLnt9ko=&c=RFoAJzI5O9LHITBMnD/wL4hAUSbiKJfxZSGnwjwguksPHslvfWFDrdyxuwZUBAWyoKL74LkU5FrOFEgRsEe rQ==&downloadAs=pobierz_Ip_camera_viewer_V2.1.0.exe&fallback_url=http://.../  (2668ab16dc5664bfb737b1d3b2b27987)

1 / 68      (Adware)
http://cdn.instalkifastandcleandownloads.com/c?x=H6GptXqdPfb6g4f 0HeJmWT Kyi0wjGZtNxJMqjElDA=&c=292wtyyY/r4zzJxrtkSi4iU2L50KVU2ZkcKP I6z N RG0byPJOnP2ujrFuYt2Xb66lYMOYn9yVJEWMjrZZvLQ==&downloadAs=pobierz_Utorrent_V3.4.2.exe&fallback_url=http://.../  (5be80c596e1e0a117b9e8395bbecb283)

7 / 68      (Adware)
http://cdn.instalkifastandcleandownloads.com/c?x=PVmY2SUXn27u3v53mDRt4OtDv5UcCumVw6fnAVRmeb8=&c=gs3cKlYwup7mJ6/CS0fAcc4DgtCVvUlHpFf E/VsHfy9KQo/L9zRPqKt9S1GNnb8A41/wLJ2fWsfb838gj75Aw==&downloadAs=pobierz_Aimp_V3.60.1483.exe&fallback_url=http://.../  (5d6abbf30e04b54f6770b9ff2936300b)

1 / 68      (Adware)
http://cdn.instalkifastandcleandownloads.com/c?x=lGqXl3Xt2taLr9EZhbjRVqUzwePzj0hn/FjnXen0y5Y=&c=pZTHwjuapwok8z0Z8kunYDPTVs0oWlwZN04 4b6f6i2KdM7Ei81b/1ysNpwknVhpp/hM6E62mOhC9Aeh3Vu3yQ==&downloadAs=pobierz_Vlc_media_player_2.2.1_(32-bit)_V2.2.1.exe&fallback_url=http://.../  (niepotwierdzony 367325.crdownload)

1 / 68      (Adware)
http://cdn.instalkifastandcleandownloads.com/c?x=/dr5e2JTyFgth4rD4tHn/ziyZc6faotVW1rw5yX9gHQ=&c=4L1BJIePl8PBW3AYulqYl73vkvWcPlb5nzU75WWRgrVVmobIzSKms58HgXN0bCoYEyZrx3w2JhFVF/TnQAjeqg==&downloadAs=pobierz_Utorrent_V3.4.2.exe&fallback_url=http://.../  (5be80c596e1e0a117b9e8395bbecb283)

7 / 68      (Adware)
http://cdn.instalkifastandcleandownloads.com/c?x=VPjc9VjrMGzyrsrSR3LyaUDoQlKr6zfuvYJRm/JCirA=&c= PbPrut5RPmdTtrOz8uBfBRcyROtLB/VmnXND1S6Aek lfBRePJjJpt/p6ZHBJ0grZiSmO0oOWz6LKByzLYimw==&downloadAs=pobierz_Minecraft_windows_V1.8.3.exe&fallback_url=http://.../test.exe  (d6605e97567b13389ab43800e205b58c)

1 / 68      (Adware)
http://cdn.instalkifastandcleandownloads.com/c?x=3SZK1uU9oRV0EeRPBbYsSIX8ACmKjS/4WY4qzybrNfM=&c=Xq9WfDTcLrn2lF3aCTfoVt4NS67ToRCxaS2xXoSNcYzENHPO4Hj9pJJlhyzbcM4rUT/hAmskeEZ5ogykurFHtQ==&downloadAs=pobierz_Utorrent_V3.4.2.exe&fallback_url=http://.../  (5be80c596e1e0a117b9e8395bbecb283)

The following 6 files have been seen to comunicate with cdn.instalkifastandcleandownloads.com in live environments.

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.