home

nuclear.coffee

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS32244 LIQUID-WEB-INC - Liquid Web, Inc.

Scanner detections:
Detections  (60% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.Installer.BB, PUP.Optional.Installer.V, PUP.Optional.Installer.X
100.00%

The domain nuclear.coffee has been seen to resolve to the following IP address.

67.227.206.155
recover-keys.com
December 22, 2015

File downloads found at URLs served by nuclear.coffee.

0 / 68
https://nuclear.coffee/.../VideoGetInstaller_trial.exe  (adc8767215ec35140c9181e1b3759cc3)

0 / 68
https://nuclear.coffee/.../VideoGetInstaller_trial.exe  (9861dfffc17510aec8ac577f334abf28)

1 / 68      (PUP)
https://nuclear.coffee/.../ConvertVid_Installer.exe  (convertvid_installer v.2.0.0.41.exe)

1 / 68      (PUP)
https://nuclear.coffee/.../VideoGetInstaller-x64.exe  (9cc50dedd2f9ec8c11870604c253e0ee)

1 / 68      (PUP)
https://nuclear.coffee/.../VideoGetInstaller_trial.exe  (076bbf26e999228b69c2410449b925ab)

The following 7 files have been seen to comunicate with nuclear.coffee in live environments.

TCP » 67.227.206.155:80
VideoGet.exe (VideoGet by Nuclear Coffee Software)

TCP » 67.227.206.155:80
VideoGet.exe (VideoGet by Nuclear Coffee Software)

TCP » 67.227.206.155:80
VideoGet.exe (VideoGet by Nuclear Coffee Software)

TCP » 67.227.206.155:443
keyfinder.exe (Magical Jelly Bean Keyfinder by ONE UP)

TCP » 67.227.206.155:443
rk.tmp

TCP » 67.227.206.155:443
recoverkeysdemo.tmp

TCP » 67.227.206.155:80
product-key-finder.exe (Generic Software by Internet Software)

chestersoft.com

davehope.co.uk

mac-product-key-finder.com

nuclear-coffee.com

recover-keys.com

recover-passwords.com

videoget.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.