srv9.corpwebcontrol.com

Sanjiv Kela

Domain Information

The domain srv9.corpwebcontrol.com, registered by Sanjiv Kela, was initially registered in July of 2013 through NET 4 INDIA LIMITED. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Chantilly, Virginia, in the United States, on the SoftLayer Technologies Inc. network.
Registrar:
NET 4 INDIA LIMITED

Server location:
Virginia, United States (US)

Create date:
Monday, July 8, 2013

Expires date:
Friday, July 8, 2016

Updated date:
Thursday, July 9, 2015

ASN:
AS36351 SOFTLAYER - SoftLayer Technologies Inc.,US

Root domain:

Scanner detections:
Detections (80% detected)

Scan engine          Details                          Detections
Reason Heuristics    PUP.UpgradeDeal.Meta (M)         88.24%
Dr.Web               STPAGE.Trojan                    11.76%
Zillya! Antivirus    Adware.BrowseFox.Win32.209122    11.76%
Sophos               Mal/Behav-118                    11.76%
Vba32 AntiVirus      BScope.Trojan.Agent              11.76%
McAfee               Artemis!EAAD54D8F434             5.88%

The domain srv9.corpwebcontrol.com has been seen to resolve to the following IP address.

50.22.217.212-static.reverse.uk2group.com
October 20, 2015

File downloads found at URLs served by srv9.corpwebcontrol.com.

The following files have been seen to communicate with srv9.corpwebcontrol.com in live environments.

URL:
http://srv9.corpwebcontrol.com/

Title:
“CorpWebControl”

Web server:
Microsoft-IIS/6.0 (ASP.NET)