gbstorage.stgbssint.com

Perion Network Ltd.

Domain Information

The domain gbstorage.stgbssint.com registered by Client Connect Ltd. was initially registered in December of 2013 through GODADDY.COM, LLC. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Toronto, Ontario within Canada which resides on the Akamai Technologies, Inc. network. The domain is associated with the publisher Perion Network Ltd. who is located in Tel Aviv, Israel.
Registrar:
GODADDY.COM, LLC

Server location:
Ontario, Canada (CA)

Create date:
Tuesday, December 17, 2013

Expires date:
Sunday, January 1, 2017

Updated date:
Tuesday, January 6, 2015

ASN:
AS16625 AKAMAI-AS - Akamai Technologies, Inc.,US

Root domain:

Scanner detections:
Detections  (68% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.ClientConnect.I, PUP.Installer.Conduit, PUP.Perion.Guardbox, PUP.Conduit.ClientConnect.Installer (M)
60.87%

Bkav FE
W32.FamVT.ClientconnectB.TTc, W32.HfsAdware
60.87%

IKARUS anti.virus
PUA.Conduit.SearchProtect
56.52%

Trend Micro House Call
TROJ_GEN.R08NH07J614, TROJ_GEN.R00UH07BH15, Suspicious_GEN.F47V0516, Suspicious_GEN.F47V0512, Suspicious_GEN.F47V0415
43.48%

ESET NOD32
Detection.Undefined, Win32/Conduit.SearchProtect.N potentially unwanted application, Win32/Conduit.SearchProtect.AF potentially unwanted application
39.13%

VIPRE Antivirus
Conduit, Threat.4725471
13.04%

ESET NOD32
Win32/ClientConnect (variant), Win32/ClientConnect.A potentially unwanted (variant), Win32/Conduit.SearchProtect.N potentially unwanted (variant)
13.04%

Baidu Antivirus
PUA.Win32.ClientConnect, PUA.Win32.SearchProtect
13.04%

Kaspersky
not-a-virus:WebToolbar.Win32.Agent, not-a-virus:AdWare.Win32.Agent
13.04%

Avira AntiVirus
PUA/SearchProtect.Gen
13.04%

Malwarebytes
PUP.Optional.ClientConnect
8.70%

Sophos
Generic PUA OO, Generic PUA BP
8.70%

G Data
Win32.Application.SearchProtect.AA@gen, Win32.Application.SearchProtect.AJ
8.70%

Fortinet FortiGate
Riskware/Agent
8.70%

Qihoo 360 Security
Win32/Application.7ea, Win32/Virus.WebToolbar.48f
8.70%

The domain gbstorage.stgbssint.com has been seen to resolve to the following 8 IP addresses.

a104-93-196-91.deploy.static.akamaitechnologies.com
May 26, 2016

a23-214-39-171.deploy.static.akamaitechnologies.com
April 13, 2016

a23-67-89-26.deploy.static.akamaitechnologies.com
February 28, 2016

a23-48-192-52.deploy.static.akamaitechnologies.com
February 27, 2016

a23-9-122-224.deploy.static.akamaitechnologies.com
February 22, 2016

a104-82-70-64.deploy.static.akamaitechnologies.com
January 4, 2016

a104-103-168-138.deploy.static.akamaitechnologies.com
January 4, 2016

a23-214-151-228.deploy.static.akamaitechnologies.com
January 2, 2016

File downloads found at URLs served by gbstorage.stgbssint.com.

4 / 68      (PUP)

5 / 68      (PUP)

4 / 68      (inconclusive)
http://gbstorage.stgbssint.com/stub/.../GBStub.exe  (cafc44bc72d956bacdce6a9b4a0a955b)

5 / 68      (PUP)
http://gbstorage.stgbssint.com/Installer/.../Guardbox.exe  (d93482878eb520924c3450956b806882)

14 / 68    (Adware)
http://gbstorage.stgbssint.com/Installer/.../Guardbox.exe  (3c92d7d466df4eb9ca7ad3e6a1e90f30)

0 / 68
http://gbstorage.stgbssint.com/Installer/.../Guardbox.exe  (655a6f2cb95495cfe2956f789657cc4f)

3 / 68      (PUP)
http://gbstorage.stgbssint.com/Installer/.../Guardbox.exe  (c22fc4e9186779f45d60bf2f85dacdd0)

1 / 68      (Adware)
http://gbstorage.stgbssint.com/Installer/.../Guardbox.exe  (f96ed247f6f65054c55d975e38639d1a)

1 / 68      (PUP)
http://gbstorage.stgbssint.com/Installer/.../Guardbox.exe  (b7dff4db5f06949481604153ab4e8ea4)

3 / 68      (inconclusive)

1 / 68      (Adware)

16 / 68    (Adware)
http://gbstorage.stgbssint.com/stub/.../GBStub.exe  (54e6b237e455706da4f40ff0cf68a474)

5 / 68      (inconclusive)
http://gbstorage.stgbssint.com/stub/.../GBStub.exe  (966db826b76337fe968ce9214b0b2a02)

3 / 68      (PUP)
http://gbstorage.stgbssint.com/Installer/.../Guardbox.exe  (44f286e6eac2db9a6d811088927f341f)

1 / 68      (PUP)

1 / 68      (PUP)

5 / 68

4 / 68      (PUP)

3 / 68      (PUP)

5 / 68      (PUP)

1 / 68      (Adware)
http://gbstorage.stgbssint.com/Installer/.../Guardbox.exe  (41dd9b0ab8d1e337de1c569cbcf34197)

3 / 68      (PUP)
http://gbstorage.stgbssint.com/Installer/.../Guardbox.exe  (2d79a262bf89837ff522f31b1116b35d)

5 / 68      (PUP)
http://gbstorage.stgbssint.com/Installer/.../Guardbox.exe  (f23a8b855ce62108966fa74c22238fcd)

5 / 68      (inconclusive)
http://gbstorage.stgbssint.com/Installer/.../Guardbox.exe  (952313bf9515772af1834acf62215dfb)

0 / 68
http://gbstorage.stgbssint.com/stub/.../GBStub.exe  (49742c983f244b8e3ec6d1dce0daeef2)

5 / 68      (inconclusive)
http://gbstorage.stgbssint.com/Installer/.../Guardbox.exe  (fbaed5c6f60a1b4cddc8e35530495ad1)

URL:
http://gbstorage.stgbssint.com/

SSL certificate subject:
CN=*.stgbssint.com, OU=IT, O=Acquisio Inc., L=Foster City, S=CA, C=US

SSL certificate issuer:
CN=Verizon Akamai SureServer CA G14-SHA1, OU=Cybertrust, O=Verizon Enterprise Solutions, L=Amsterdam, C=NL

Web server:
Microsoft-IIS/8.5 (ASP.NET)