home

chachagong7.com

Domain Information

Server location:
Victoria, Australia (AU)

ASN:
AS133618 TRELLIAN-AS-AP Trellian Pty. Limited,AU

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.AdGazelle.ClickYes.Installer (M), PUP.AdGazelle (M)
100.00%

The domain chachagong7.com has been seen to resolve to the following 2 IP addresses.

103.224.182.243
lb-182-243.above.com
September 17, 2016

185.53.177.7
August 16, 2016

File downloads found at URLs served by chachagong7.com.

1 / 68      (Adware)
http://chachagong7.com/download/.../14630?lpm_id=87  (setup.exe)

1 / 68      (Adware)
http://chachagong7.com/download/.../14631?lpm_id=15&filename=setup.exe  (bb8fa601a0c65c7e98cff0ebba3c68a4)

1 / 68      (Adware)
http://chachagong7.com/.../cw?enc=MWVkNDI3ODlhZDkzNDAwMjk1NDUzZmUzNjQ5OWY0ZjJKRwMWCBUNXFcHXVYFCFYHWA0AUAcHXQtXVwoMVA1UVFQDUFdTVBoVQxJeEQ4SAlELUQMCBlJdVVIDDQkEAwcDAlwBA1MPWwxXVlsKVgYSHhtcRBcJRFcCBRoICl8aUwEfUVMWHhVQShVGAxFXWFFRUVRTWl0BUh1VW1QDXgREHhMAHEQQDQ4KVFMJBg0JBgQNAgwCClZSBBoWXVsBFlxcRAkIGBBcXUBDXhsCVwFSBAEGAQIFAwQHBgIAAFQCVFMCXAENBg8JWgddWhEYElxCWhcOFwJSVBEaFlpJRA5EEhNJRkFAWxoDQwxNR0QKHx1aUVobQBcGV1gGF1oJWUl9QRENWVtNXUsxFlZwdmdCU0lFUVEdHAxDFBgbShRXRAgTFgdrU1QaFUMAVF0WChJRUVRXXVIBCl1RAxdaCVlEHhMVDUEQDRobTUZXXhYKEhAVF1dYQ0RfEQUDDwBQBEQeEwgAWRANGksOChsfFkRVQFQXDhcRSkdSVUAbA0QWShBdBwgWCBUaFUMHUREOEhIeG0VWFwlEVgYOBg8OVgVUBQBRVwECBw4KWFUbHxZWXhADF0dQRxMVHVNMXBtKFgVfVRZGDhAVFBsCBxsJFnp_EBUXR1oRXANSWkdcFURXBUVFR14FHhVWWgITTREOABwQS0UWDxFQVFcOAAkBBFFSUFJRUFIAD1sLVVUPA1cJBlBYVAFUV0RJEVdHXVJEDghHXQkZ  (setup.exe)

1 / 68      (Adware)
http://chachagong7.com/download/.../14634?lpm_id=15&filename=setup.exe  (d4335f07b336ad865b43a99d0cdc87b1)

The following 11 files have been seen to comunicate with chachagong7.com in live environments.

TCP » 103.224.182.243:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 103.224.182.243:587
www.exe

TCP » 103.224.182.243:80
download.exe (Gerenciador de Download by ASSISTENTE DE DOWNLOAD)

TCP » 103.224.182.243:80
online-guardian-v2.0.9.exe

TCP » 103.224.182.243:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 103.224.182.243:80
bi.exe (UpgradeService141217)

TCP » 103.224.182.243:80
main.exe

TCP » 103.224.182.243:80
flamengo x vasco ao vivo.exe

TCP » 185.53.177.7:80
fb-leadjacker.crx

TCP » 185.53.177.7:80
eco_launch.crx

TCP » 185.53.177.7:80
fb-leadjacker.crx

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.