» get.strecentcra.download
Overview
Analysis
IPs Addresses (8)
Downloads (1)
Network (16)

get.strecentcra.download

Domain Information

Server location:

Washington, United States (US)

ASN:

AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:

strecentcra.download

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

Adware.Bundler

100.00%

The domain get.strecentcra.download has been seen to resolve to the following 8 IP addresses.

server-52-84-125-98.iad16.r.cloudfront.net

September 18, 2016

server-52-84-125-74.iad16.r.cloudfront.net

September 18, 2016

server-52-84-125-19.iad16.r.cloudfront.net

September 18, 2016

server-52-84-125-219.iad16.r.cloudfront.net

September 18, 2016

server-52-84-125-209.iad16.r.cloudfront.net

September 18, 2016

server-52-84-125-181.iad16.r.cloudfront.net

September 18, 2016

server-52-84-125-133.iad16.r.cloudfront.net

September 18, 2016

server-52-84-125-122.iad16.r.cloudfront.net

September 18, 2016

File downloads found at URLs served by get.strecentcra.download.

1 / 68 (PUP)

http://get.strecentcra.download/?CpX3bi_SLASH_R5nxti2_SLASH_pgK455v4EoKRcO1e_PLUS_Z6ZpeSS90YA_EQUALS_&flp=1 (the-culling-downloader.exe)

The following 16 files have been seen to comunicate with get.strecentcra.download in live environments.

TCP » 52.84.125.74:443

browser.exe (Browser)

TCP » 52.84.125.19:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.98:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.19:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.98:443

TCP » 52.84.125.98:80

Trezaa.Service.exe (Trezaa.Service by Microsoft)

TCP » 52.84.125.181:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.181:443

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.84.125.98:80

Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.84.125.19:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.19:443

online-guardian-v2.0.9.exe

TCP » 52.84.125.74:80

apptrailers.exe

TCP » 52.84.125.98:443

stormwatchapp.exe

TCP » 52.84.125.181:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.19:443

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.84.125.19:443

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.84.125.19:80

Trezaa.Service.exe (Trezaa.Service by Microsoft)

TCP » 52.84.125.219:80

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.84.125.219:80

browser.exe (Browser)

TCP » 52.84.125.74:80

girlsgeneration_theme.crx

Latest 20 of 36 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.