home

cdn.malavidarepositorycurrent.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
malavidarepositorycurrent.com

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.installCore.OntecniaMediaNetworks.Installer (M), PUP.installCore.Ontecnia.Installer (M), PUP.installCore (M)
100.00%

The domain cdn.malavidarepositorycurrent.com has been seen to resolve to the following 16 IP addresses.

185.53.178.13
September 18, 2016

52.41.114.34
ec2-52-41-114-34.us-west-2.compute.amazonaws.com
August 19, 2016

52.38.209.219
ec2-52-38-209-219.us-west-2.compute.amazonaws.com
August 19, 2016

52.33.46.229
ec2-52-33-46-229.us-west-2.compute.amazonaws.com
August 19, 2016

54.200.224.121
ec2-54-200-224-121.us-west-2.compute.amazonaws.com
August 19, 2016

54.148.183.210
ec2-54-148-183-210.us-west-2.compute.amazonaws.com
August 19, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
May 19, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
May 19, 2016

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 19, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 19, 2016

52.25.23.136
ec2-52-25-23-136.us-west-2.compute.amazonaws.com
April 4, 2016

54.191.37.5
ec2-54-191-37-5.us-west-2.compute.amazonaws.com
April 4, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
April 4, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
April 4, 2016

52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
April 4, 2016

52.34.170.106
ec2-52-34-170-106.us-west-2.compute.amazonaws.com
April 4, 2016

File downloads found at URLs served by cdn.malavidarepositorycurrent.com.

1 / 68      (Adware)
http://cdn.malavidarepositorycurrent.com/c?x=F9BONt21dBgpQX64ce qpLmFF/oEsZaHNUVA0To xhk=&c=f6cOmOxB6lllF7ON3 p5FTES f4/xsC IQuT2nYVva yLpwDmqIlx4DaNKnNqiZSPfnfQXHkF7/yjugDYj78EL40hFgH4qBadAMyyM5Jkg0Cs4P/.../GrPfB2dgwVMMNxfj8jwbMMuhy9 RQvjc7A=&downloadAs=Malavida_Download_Manager.exe  (ff7ef6b34d0c90b94082d2bb8e35a955)

1 / 68      (Adware)
http://cdn.malavidarepositorycurrent.com/c?x=f95BKnj8DSu2VgdMaQ RP590V5hHH6w U4irdtJtdwA=&c=zO3Nizj3aBZKzLleVhlKCPctITpUfl83KuzcBiEmau/.../LoI2F9pSlE hi29m2UrYcVb90oitERVDj cznT9VK7qZQHi6liEvVwCEjcVjhNbfHFPXdkh04=&downloadAs=Malavida_Download_Manager.exe  (9c552a8a857ceb627b054d557a78c492)

1 / 68      (Adware)
http://cdn.malavidarepositorycurrent.com/.../jkjGL8jzdAvAROfNIFKC5ROWuqVH0 EUXZfZA2MTnPC4bgsgiDzGhnRQ87HgmHYrrIVy54GCJQkqZ8xOwYBqaiAWwYQqg5Hqun5r1KmCZnEWDWICtZ7YZ2e OmlRXr41 7NheQcPfDwKhyvwCpi1kDi4Z5lYSZGtD8NI=&downloadAs=Malavida_Download_Manager.exe  (1982782edbf5c9ad37f3907fbdcef8d8)

1 / 68      (Adware)
http://cdn.malavidarepositorycurrent.com/c?x=jA46/.../64zuZ6zVFQeXiiUOueucwGifUZachz5s=&downloadAs=Malavida_Download_Manager.exe  (d7458b602f973bb246eed49bca3f47a8)

1 / 68      (Adware)
http://cdn.malavidarepositorycurrent.com/c?x=C0BOvauXU9fSMWFVhgl rJLdNj1GatitOGq6MTfwjg=&c=H9iei0zNvI6WK8jZ1ctmGwLS IRGXU6qxXOtc5YZVModr7SUjJ0G9jCSei2KmE1P0XbRpTpGi2Jhmw/QEwOL81mmArSRB7nR3a0RC18Cn7wWwsS44AT9WJ37rp/.../iHPM69F4j9tG jvegA=&downloadAs=Malavida_Download_Manager.exe  (9af74d94a85683aab4c7b337b813a7dc)

The following 36 files have been seen to comunicate with cdn.malavidarepositorycurrent.com in live environments.

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.33.46.229:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 54.200.224.121:80
browser.exe (Browser)

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 54.200.224.121:80
kometa.exe (Kometa by @COMPANY_FULLNAME@)

TCP » 52.38.209.219:80
browser.exe (Browser)

TCP » 52.33.46.229:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 54.200.224.121:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.200.224.121:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 54.200.224.121:80
browser.exe (Browser)

TCP » 52.33.46.229:80
Client.exe

TCP » 54.200.224.121:80
kmplayer_3.8.0.123.exe.exe (The KMPlayer by PandoraTV)

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.33.46.229:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 52.33.46.229:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

 
Latest 20 of 77 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.