k.theplaora.com

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain k.theplaora.com is registered by proxy through ENOM, INC. and was originally registered in November of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Sherman Oaks, California, in the United States, on the Unitas Global LLC network.
Registrar:
ENOM, INC.

Server location:
California, United States (US)

Create date:
Thursday, November 20, 2014

Expires date:
Sunday, November 20, 2016

Updated date:
Wednesday, November 18, 2015

ASN:
AS4436 AS-GTT-4436 - nLayer Communications, Inc.,US

Root domain:

Scanner detections:
Detections  (75% detected)

Scan engine
Details
Detections

Qihoo 360 Security
HEUR/QVM42.0.Malware.Gen, HEUR/QVM10.1.Malware.Gen
85.71%

G Data
Gen:Variant.Graftor.171744, Gen:Variant.Adware.Graftor.171744, Gen:Variant.Adware.Graftor.175923, Win32.Trojan.Agent.DTHKRR
71.43%

Trend Micro House Call
Suspicious_GEN.F47V1225, TROJ_GEN.R02SH09AV15, TROJ_GEN.R047H09BB15, Suspicious_GEN.F47V1230
57.14%

MicroWorld eScan
Gen:Variant.Graftor.171744, Gen:Variant.Adware.Graftor.171744, Gen:Variant.Adware.Graftor.175923
57.14%

Bitdefender
Gen:Variant.Graftor.171744, Gen:Variant.Adware.Graftor.171744, Gen:Variant.Adware.Graftor.175923
57.14%

Emsisoft Anti-Malware
Gen:Variant.Graftor.171744, Gen:Variant.Adware.Graftor.171744, Gen:Variant.Adware.Graftor.175923
57.14%

Reason Heuristics
Threat.Win.Reputation.IMP
57.14%

ESET NOD32
Win32/Adware.PicColor (variant)
57.14%

IKARUS anti.virus
PUA.PicColor
57.14%

AVG
Generic, Adware Generic6
57.14%

K7 AntiVirus
Adware
42.86%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
42.86%

avast!
Win32:Malware-gen, Win32:Adware-gen [Adw], NSIS:Adware-QY [Adw]
42.86%

Comodo Security
ApplicUnwnt
42.86%

Avira AntiVirus
Adware/PicColor.423072.9
42.86%

The domain k.theplaora.com has been seen to resolve to the following IP address.

192-124-232-198.static.unitasglobal.net
February 2, 2016

File downloads found at URLs served by k.theplaora.com.

5 / 68      (PUP)

14 / 68    (PUP)

14 / 68    (PUP)
http://k.theplaora.com/.../SUChecker.exe  (a581d9418b37dddf5e793803b2059607)

7 / 68      (PUP)

16 / 68    (PUP)

16 / 68    (PUP)
http://k.theplaora.com/.../SUChecker.exe  (9e08cd59e25474f7451c2cdcbfbb3246)

The following 41 files have been seen to communicate with k.theplaora.com in live environments.

 

URL:
http://k.theplaora.com/

Web server:
NetDNA-cache/2.2
