home

sharepod.soft32.es

Domain Information

Server location:
Virginia, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
soft32.es

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Downloader.Bundler.Soft32.Installer (M)
100.00%

The domain sharepod.soft32.es has been seen to resolve to the following 11 IP addresses.

54.230.194.61
server-54-230-194-61.iad53.r.cloudfront.net
July 30, 2016

54.230.194.60
server-54-230-194-60.iad53.r.cloudfront.net
July 30, 2016

54.230.194.46
server-54-230-194-46.iad53.r.cloudfront.net
July 30, 2016

54.230.194.40
server-54-230-194-40.iad53.r.cloudfront.net
July 30, 2016

54.230.194.236
server-54-230-194-236.iad53.r.cloudfront.net
July 30, 2016

54.230.194.216
server-54-230-194-216.iad53.r.cloudfront.net
July 30, 2016

54.230.194.116
server-54-230-194-116.iad53.r.cloudfront.net
July 30, 2016

54.230.194.82
server-54-230-194-82.iad53.r.cloudfront.net
July 30, 2016

199.27.76.249
June 8, 2016

23.235.39.249
May 17, 2016

23.235.46.249
May 17, 2016

File downloads found at URLs served by sharepod.soft32.es.

1 / 68      (Adware)
http://sharepod.soft32.es/get/file/id/.../?rel=center  (sharepod setup.exe)

1 / 68      (Adware)
http://sharepod.soft32.es/get/file/id/.../?lp=dsa&tg=ar&kw=_cat:soft32.es&mt=b&ad=31507504442&pl=&ds=s&uid=140743777265402871c60c69d28dcadd0bf5b3fb74&_ga=2084066665.1407437772&gclid=Cj0KEQjwx4yfBRCt2rrAs-P5vtkBEiQAOdFXbTCAbVJLypcNiBMNf-shVRqvUEVgMm1KecXLETHWMPkaAphb8P8HAQ  (sharepod setup.exe)

1 / 68      (Adware)
http://sharepod.soft32.es/get/file/id/.../?lp=dsa&tg=ar&kw=_cat:soft32.es&mt=b&ad=31507504442&pl=&ds=s&uid=140743777265402871c60c69d28dcadd0bf5b3fb74&_ga=2084066665.1407437772&gclid=Cj0KEQjwx4yfBRCt2rrAs-P5vtkBEiQAOdFXbTCAbVJLypcNiBMNf-shVRqvUEVgMm1KecXLETHWMPkaAphb8P8HAQ  (sharepod setup.exe)

1 / 68      (Adware)
http://sharepod.soft32.es/get/file/id/.../  (sharepod setup.exe)

The following 6 files have been seen to comunicate with sharepod.soft32.es in live environments.

TCP » 199.27.76.249:443
product support.crx

TCP » 23.235.39.249:443
discountapp_1.0.0.0.crx

TCP » 23.235.39.249:443
savingsplugin_1.0.crx

TCP » 23.235.46.249:443
product support.crx

TCP » 23.235.46.249:443
product support.crx

TCP » 23.235.46.249:443
couponmatcher_1.0.0.0.crx

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.