home

cdn.vertitechnologygroup.com

Domain Information

Server location:
Washington, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:
vertitechnologygroup.com

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Trend Micro House Call
TROJ_GEN.F47V1203, TROJ_GEN.F47V0526
100.00%

Reason Heuristics
PUP.Installer.LocalWeather.Z, PUP.Rollnon.R
100.00%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
50.00%

IKARUS anti.virus
AdWare.PricePeep
50.00%

The domain cdn.vertitechnologygroup.com has been seen to resolve to the following 11 IP addresses.

54.192.195.126
server-54-192-195-126.iad53.r.cloudfront.net
February 20, 2016

54.192.195.219
server-54-192-195-219.iad53.r.cloudfront.net
February 20, 2016

54.192.195.158
server-54-192-195-158.iad53.r.cloudfront.net
February 20, 2016

54.192.195.106
server-54-192-195-106.iad53.r.cloudfront.net
February 3, 2016

54.192.195.84
server-54-192-195-84.iad53.r.cloudfront.net
February 3, 2016

54.192.195.222
server-54-192-195-222.iad53.r.cloudfront.net
February 3, 2016

54.192.195.167
server-54-192-195-167.iad53.r.cloudfront.net
February 3, 2016

54.192.195.155
server-54-192-195-155.iad53.r.cloudfront.net
February 3, 2016

54.192.195.138
server-54-192-195-138.iad53.r.cloudfront.net
February 3, 2016

54.192.195.124
server-54-192-195-124.iad53.r.cloudfront.net
February 3, 2016

54.192.195.123
server-54-192-195-123.iad53.r.cloudfront.net
February 3, 2016

File downloads found at URLs served by cdn.vertitechnologygroup.com.

4 / 68      (Adware)
http://cdn.vertitechnologygroup.com/inst/cdn/.../Boost_790001_1010.exe  (186d4d2e9a0e1f09ca912b1a928ff245)

2 / 68      (Adware)
http://cdn.vertitechnologygroup.com/inst/cdn/.../DesktopWeatherAlertsSetup.exe  (ac1e1fe274c2ba03427c4003c196d7f9)

The following 6 files have been seen to comunicate with cdn.vertitechnologygroup.com in live environments.

TCP » 54.192.195.158:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.192.195.158:443
onlineguardian-v2.exe

TCP » 54.192.195.158:443
online-guardian.exe

TCP » 54.192.195.123:80
onlysetup.exe (by Pay By Ads)

TCP » 54.192.195.155:80
crossbrowse.exe (Crossbrowse)

TCP » 54.192.195.158:443
online-guardian-v2.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.