home

www.applicationscontenttowers.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
applicationscontenttowers.com

Scanner detections:
Detections  (80% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.InstallCore.FC.Installer (M)
100.00%

The domain www.applicationscontenttowers.com has been seen to resolve to the following 11 IP addresses.

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 17, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 17, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
April 19, 2016

52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
April 19, 2016

52.34.170.106
ec2-52-34-170-106.us-west-2.compute.amazonaws.com
April 19, 2016

52.26.95.11
ec2-52-26-95-11.us-west-2.compute.amazonaws.com
April 19, 2016

52.25.23.136
ec2-52-25-23-136.us-west-2.compute.amazonaws.com
April 19, 2016

54.191.37.5
ec2-54-191-37-5.us-west-2.compute.amazonaws.com
April 19, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
April 19, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
April 19, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
April 19, 2016

File downloads found at URLs served by www.applicationscontenttowers.com.

1 / 68      (Adware)
http://www.applicationscontenttowers.com/WVl6OTRQV2MzTXpsQ01FUkRSazlUWnlVeVJqbFllVWxGWWpaVU1rTm9kMmd6ZUVSVE9VWmhaVmRWSlRKR2RVbE9Zak5OSlRORUptTTlZMjAyTkRORlNrbDVSRmRZUm1GM1UwMGxNa1pETTJSRVRUSTFPSGs0TTBkbU5EbHVabXhLWlRCMGMxZ3pUa2RRYXpabk0xUjNkbUVsTWtaUFZUVkJXVlp5WjNkRFRYaGtVMFpZZWtNeWNsQWxNa0pEUkZaMFEyaDFaRnBUY1NVeVFrcGtkbTU0VWxoMVlqazNZMHg1TmtwRFFtOXZjVTFLVkhkUVMwdE1VallsTWtaek5rRllXR0ptSm1aaGJHeGlZV05yWDNWeWJEMW9kSFJ3Y3lVelFTVXlSaVV5Um5ObFkzVnlaUzVwYm01a2JDNWpiMjBsTWtaVlV5VXlSbmwwWkMxMmFXUmxieTFrYjNkdWJHOWhaR1Z5TG1WNFpTVXpSbk4wSlRORVlUWllaSFJqUlZCUmFFWnFaV3h1YjFoelVWOXVkeVV5Tm1VbE0wUXhORFUzTnpZME9ETXdKbVJ2ZDI1c2IyRmtRWE05ZVhSa0xYWnBaR1Z2TFdSdmQyNXNiMkZrWlhJdVpYaGw=  (ytd-video-downloader.exe)

1 / 68      (Adware)
http://www.applicationscontenttowers.com/c?x=Cmk8Cb/OCXR6vr7UAYTu66rom0j9JVUZfBvXUY9BYxI=&c=hShWLsirLoSvnc4duZjbWX6CWtuhKmGHhSQarIQ6zUWiSz9UN/mp34Wy6AGbcrPc4CPiTSaSQ6Q7kR7BH7mp2hel DKRIr7K A2MxvY3DWc7FtfWfLd7cXQhC7YnFM4A&fallback_url=https://secure.inndl.com/.../windows-10.exe  (11d679e0706d538a17eea6a0f0f8b349)

1 / 68      (Adware)
http://www.applicationscontenttowers.com/WVl6OTRQVTQ1UkhOdlFXbEVTbUptUzJKdFJ6TkJhVXgyWmpsMldWRmlXazloZVhaNFNGUnpRV0ZJWlhKVmEwa2xNMFFtWXoxWlNWVTVjVEppTTFKcVJqSnNjV1JqYlVjM2RYcEJVblp0ZVhWWmNUUnJkWGwwU21ka0pUSkNla0ZIUW5VbE1rWTNVRUpKV0VSRU1GTnBhRXBpZFRRd2MwdFJRV2RMVFRoRlIyWk5TM1p2WjNKNWNFOXBlbTlTWW5WcWMzQm5jbEZ6TjBKQ2NtaENlV1o0U21sMllqbExkVE5MWkVoVlV6VnZORXBsTkhGNFFuSjRlSGttWm1Gc2JHSmhZMnRmZFhKc1BXaDBkSEJ6SlROQkpUSkdKVEpHYzJWamRYSmxMbWx1Ym1Sc0xtTnZiU1V5UmxWVEpUSkdabkpsWlMxMmFYSjBkV0ZzTFd0bGVXSnZZWEprTG1WNFpTVXpSbk4wSlRORWREbFZUQzAwZUZoVE5sSTBlVEJwVlRWUVdHdDNRU1V5Tm1VbE0wUXhORFUzTnpZMk5EZ3lKbVJ2ZDI1c2IyRmtRWE05Wm5KbFpTMTJhWEowZFdGc0xXdGxlV0p2WVhKa0xtVjRaUT09  (free-virtual-keyboard.exe)

0 / 68
http://www.applicationscontenttowers.com/c?x=gKdgKJRKKYV m7W7dUDyy5NjV8hlMKhNWM3MARo8GQ=&c=9sb6gOlV8h6vcLxYoBN53JEMaX4JB8A6NaJ6p8S0JeDA/8IDikUov C0Gim9CPounug4/Vyzvo KWco9z6c2UI0IjlFS08Eii5QuVjeRwkyQQXyyYcVGpo3Zc6/GIvKE&fallback_url=https://secure.inndl.com/.../uc-browser.exe  (ucbrowser_v5.4.4237.1032_windows_pf101_(build15082410).exe)

1 / 68      (Adware)
http://www.applicationscontenttowers.com/WVl6OTRQU1V5UW1aeGFqbE1Sa2ROU1dKc015VXlSbWhqZHpOemRFNHdUMmMxUTNGblRVOGxNa0kzYVhrbE1rWjRZaVV5UmtweFNtdHJKVE5FSm1NOVVtZHFTMUZRT1ZWd09IUjZiWFJFYzFoaVVVaHNaa3hGU3pWTVVWZEdKVEpDUW13bE1rWkxUMVlsTWtKQlUyRnVOWGRzTVhoTllXMVZTbFJaZWxKaGQxbG1TVUZWYW0xVmMyMVVaalZIVkVWeU5VSnZPSEpZU1VoUlVpVXlSbk5zT0dOTFRsbHlXVkJHYm01dmVtUllVbTVJVFZCYVlUTTRSbTVQZVdFNVJHZFVjMHN5YkVwVk5DWm1ZV3hzWW1GamExOTFjbXc5YUhSMGNITWxNMEVsTWtZbE1rWnpaV04xY21VdWFXNXVaR3d1WTI5dEpUSkdWVk1sTWtaM2FXNXlZWEl1WlhobEpUTkdjM1FsTTBSVlVVSTNTemhsUW1OTmJuTk9XVXBpVDFWTWVGVjNKVEkyWlNVelJERTBOVGMzTmpVNE56UW1aRzkzYm14dllXUkJjejEzYVc1eVlYSXVaWGhs  (winrar.exe)

1 / 68      (Adware)
http://www.applicationscontenttowers.com/c?x=W fBJXigtg5j5vbk983OXMZupbedGeVNDeHq6qej2/Q=&c=TtncSu37CnZ/XSGe3XGrONSCmHPTOcCO96WEqIcrL58FIELkAu4fMSjan zPEHlmdCCt/83gyK lefPdHLrLTbR75DuIRhbCHYBUdYJZFi2eFKUKb5tQIMMUylX/dSCh&fallback_url=https://secure.inndl.com/.../winrar.exe  (918257f24605e5dcafc9172f2284e76e)

The following 6 files have been seen to comunicate with www.applicationscontenttowers.com in live environments.

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.