home

ot.track.6832epc.com

Grupo Blidoo S.L.

Domain Information

The domain ot.track.6832epc.com registered by Grupo Blidoo S.L. was initially registered in August of 2014 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
GODADDY.COM, LLC

Server location:
Virginia, United States (US)

Create date:
Friday, August 22, 2014

Expires date:
Saturday, August 22, 2015

Updated date:
Friday, August 22, 2014

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Root domain:
6832epc.com

Whois:
1 6832epc.com record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.PopelerSystemsl.L, PUP.Installer.EilioDevelopmentssl.L, PUP.Solimba.PopelerSystemsl.Installer (M), PUP.Solimba (M)
100.00%

Dr.Web
Trojan.DownLoader11.24441
33.33%

VIPRE Antivirus
Threat.4150696, Threat.4782980
33.33%

avast!
Win32:PUP-gen [PUP], Win32:Solimba-M [PUP]
33.33%

MicroWorld eScan
Application.Bundler.BM, Gen:Variant.Application.Bundler.Kazy.132995
33.33%

Malwarebytes
PUP.Optional.Popeler, PUP.Optional.Solimba
33.33%

K7 AntiVirus
Unwanted-Program
33.33%

Agnitum Outpost
PUA.Solimba
33.33%

Bitdefender
Application.Bundler.BM, Gen:Variant.Application.Bundler.Kazy.132995
33.33%

Lavasoft Ad-Aware
Application.Bundler.BM, Gen:Variant.Application.Bundler.Kazy.132995
33.33%

Comodo Security
Application.Win32.Firseria.MAP, Application.Win32.Solimba.LSW
33.33%

F-Secure
Application.Bundler.BM, Gen:Variant.Application.Bundler
33.33%

Avira AntiVirus
APPL/Firseria.Gen8
33.33%

Sophos
Solimba Installer
33.33%

G Data
Application.Bundler.BM, Gen:Variant.Application.Bundler.Kazy.132995
33.33%

The domain ot.track.6832epc.com has been seen to resolve to the following 2 IP addresses.

107.20.149.171
ec2-107-20-149-171.compute-1.amazonaws.com
September 9, 2014

54.225.148.225
ec2-54-225-148-225.compute-1.amazonaws.com
September 9, 2014

File downloads found at URLs served by ot.track.6832epc.com.

1 / 68      (Adware)
http://ot.track.6832epc.com/d/.../7083579502  (flashplayer.exe)

1 / 68      (Adware)
http://ot.track.6832epc.com/d/.../6807885385  (flashplayer.exe)

1 / 68      (Adware)
http://ot.track.6832epc.com/d/.../6808206767  (flashplayer.exe)

1 / 68      (Adware)
http://ot.track.6832epc.com/d/.../6791412489  (flashplayer.exe)

31 / 68    (Adware)
http://ot.track.6832epc.com/d/.../7191571308  (flashplayer.exe)

28 / 68    (Adware)
http://ot.track.6832epc.com/d/.../6916363864  (flashplayer.exe)

URL:
http://ot.track.6832epc.com/

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.