home

cdn.instalkiprogramsfordownloadfiles.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
instalkiprogramsfordownloadfiles.com

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.installCore.NewSoftwareMarekLubasMateuszPonikowski.Installer (M), PUP.installCore.NewSoftw.Installer (M)
100.00%

herdProtect (fuzzy)
a variant of ee9f29908272e3dce235045e3989621a751749fc
20.00%

K7 AntiVirus
Unwanted-Program
20.00%

Trend Micro House Call
Suspicious_GEN.F47V0406
20.00%

Dr.Web
Trojan.InstallCore.457
20.00%

McAfee
Artemis!39092CEC3FF5
20.00%

Baidu Antivirus
Adware.Win32.InstallCore
20.00%

ESET NOD32
Win32/InstallCore.YH potentially unwanted (variant)
20.00%

Fortinet FortiGate
Riskware/InstallCore
20.00%

The domain cdn.instalkiprogramsfordownloadfiles.com has been seen to resolve to the following 11 IP addresses.

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 18, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 18, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
April 18, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
April 18, 2016

52.26.95.11
ec2-52-26-95-11.us-west-2.compute.amazonaws.com
April 18, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
April 4, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
April 4, 2016

52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
April 4, 2016

52.34.170.106
ec2-52-34-170-106.us-west-2.compute.amazonaws.com
April 4, 2016

52.25.23.136
ec2-52-25-23-136.us-west-2.compute.amazonaws.com
April 4, 2016

54.191.37.5
ec2-54-191-37-5.us-west-2.compute.amazonaws.com
April 4, 2016

File downloads found at URLs served by cdn.instalkiprogramsfordownloadfiles.com.

1 / 68      (Adware)
http://cdn.instalkiprogramsfordownloadfiles.com/c?x=ztezbyQgF3uXFJU7/L2V970AqoycC0AIJW5wFj2XXLA=&c=FOmQW3ShRdimAMKs9bhulFeyzJoT5cHhlFPLAt7b8Glqzx9uxk/So8SED1ZM9GHzyGgaKzIc//Z9TINhhj3NXQ==&downloadAs=pobierz_Free_m4a_to_mp3_converter_V8.4.70.exe&fallback_url=http://.../  (6659d9fad4c0c701245f6fa4160ba09c)

9 / 68      (Adware)
http://cdn.instalkiprogramsfordownloadfiles.com/c?x=Yiwd1lDKhypviDMavSkuzZj/VMOd74sZGtpe5TTEEkk=&c=4EEMvDj5dATv9kzqHniQO55WRgXTeZk99eQg4tF4fTXiNa5NSTniog tz3DWBzC/Ex0Zy1/J0aC5H9o0JR7j/g==&downloadAs=pobierz_Winrar_32-bit_wersja_stabilna_V5.21.exe&fallback_url=http://.../  (29a5a6c7625a80d6520ddc2344c98d34)

1 / 68      (Adware)
http://cdn.instalkiprogramsfordownloadfiles.com/c?x=k0QtDYtL3DqQeips10m48/oQWMXP3A2ke7YrQ2Miv3I=&c=Dd8hk1b1N98gcm6K9kv6cQNMHBcRfdZosA7XP9Eawpiz9/sB/v/jY3d/Emz3bKmfqko5FW2rxNbqkcsIsrx1ww==&downloadAs=pobierz_Photoscape_V3.7.exe&fallback_url=http://.../  (89ac41a1db80298ace28b9dd7e8dcca1)

1 / 68      (Adware)
http://cdn.instalkiprogramsfordownloadfiles.com/c?x=knpmUb90b60NSgyDs0LDSCLpe78oZsEWn6jB2878nH4=&c=DmZSAan3o4Z41AluqTntesXKsIfMgICAAt8jBqvKjy8GbpepsJz8LEshpooCCoI3CzqPqyBdG/8W77mtaMNzUw==&downloadAs=pobierz_Ogg_converter_V1.00.exe&fallback_url=http://.../  (d126645bf9bb4bacb839838400d6d188)

1 / 68      (Adware)
http://cdn.instalkiprogramsfordownloadfiles.com/c?x=lpj pky1FRAWUPuVlaTtbpBL ygN5xGuMc9K6xDoHwg=&c=icYuNj48tLK7nD4gzq94sV5Cp/K8 3qDXE3AKaJ5k7ppvcQ0tzBZeG18QRrX4Tm1wH9ti438NYGVuPOSowFQGg==&downloadAs=pobierz_Windvd_pro_V11.7.0.2.exe&fallback_url=http://.../  (bbdb3df215ba6fd38c42744c31334d75)

The following 6 files have been seen to comunicate with cdn.instalkiprogramsfordownloadfiles.com in live environments.

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.