» halo-combat-evolved.soft32.es
Overview
Analysis
IPs Addresses (8)
Downloads (1)
Network (26)

halo-combat-evolved.soft32.es

Domain Information

Server location:

Virginia, United States (US)

ASN:

AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Downloader.Bundler.Soft32 (M)

100.00%

The domain halo-combat-evolved.soft32.es has been seen to resolve to the following 8 IP addresses.

server-54-192-192-87.iad53.r.cloudfront.net

September 1, 2016

server-54-192-192-53.iad53.r.cloudfront.net

September 1, 2016

server-54-192-192-24.iad53.r.cloudfront.net

September 1, 2016

server-54-192-192-205.iad53.r.cloudfront.net

September 1, 2016

server-54-192-192-199.iad53.r.cloudfront.net

September 1, 2016

server-54-192-192-179.iad53.r.cloudfront.net

September 1, 2016

server-54-192-192-123.iad53.r.cloudfront.net

September 1, 2016

server-54-192-192-97.iad53.r.cloudfront.net

September 1, 2016

File downloads found at URLs served by halo-combat-evolved.soft32.es.

1 / 68 (Adware)

http://halo-combat-evolved.soft32.es/get/file/.../775720?lp=dsa&tg=mx&kw=_cat:soft32.es&mt=b&ad=54594556736&pl=&ds=s&uid=14228382374156a8e26f15a77cfdd70a75c21c12e8&_ga=1422948450.1422838237&gclid=COe397qFwsMCFcECaQodX4YArg (halo-combat-evolved.exe)

The following 26 files have been seen to comunicate with halo-combat-evolved.soft32.es in live environments.

TCP » 54.192.192.53:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.192.192.87:443

UCBrowser.exe (by UCWeb)

TCP » 54.192.192.97:443

UCBrowser.exe (by UCWeb)

TCP » 54.192.192.199:80

1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 54.192.192.179:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.192.192.53:80

Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 54.192.192.53:80

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 54.192.192.123:443

onlineguardian-v2.exe

TCP » 54.192.192.199:443

browser.exe (speed browser by Smart Applications)

TCP » 54.192.192.199:80

Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 54.192.192.123:443

GPlayer.exe (by Exent Technologies)

TCP » 54.192.192.199:80

browser.exe (Browser)

TCP » 54.192.192.24:80

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 54.192.192.53:443

browser.exe (Browser)

TCP » 54.192.192.87:443

online-guardian-v2.0.9.exe

TCP » 54.192.192.199:443

onlineguardian-v2.exe

TCP » 54.192.192.24:80

ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 54.192.192.24:80

TCP » 54.192.192.53:80

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 54.192.192.53:80

Latest 20 of 42 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.