» www.bitscenterpackage.com
Overview
Analysis
IPs Addresses (16)
Downloads (7)
Network (13)

www.bitscenterpackage.com

Domain Information

Server location:

Oregon, United States (US)

ASN:

AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:

bitscenterpackage.com

Scanner detections:

Detections (86% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.InstallCore.iLightMe.Installer (M), PUP.InstallCore.RE11 (M), PUP.NewMedia.NMH.Bundler (M)

85.71%

Microsoft Security Essentials

Worm:Win32/NeksMiner.A

14.29%

F-Secure

Application:W32/Generic.70053c248f!Online

14.29%

The domain www.bitscenterpackage.com has been seen to resolve to the following 16 IP addresses.

ec2-52-41-114-34.us-west-2.compute.amazonaws.com

July 12, 2016

ec2-52-33-46-229.us-west-2.compute.amazonaws.com

July 12, 2016

ec2-52-32-12-104.us-west-2.compute.amazonaws.com

July 12, 2016

ec2-54-191-246-249.us-west-2.compute.amazonaws.com

July 12, 2016

ec2-54-148-183-210.us-west-2.compute.amazonaws.com

July 12, 2016

ec2-52-25-41-73.us-west-2.compute.amazonaws.com

May 17, 2016

ec2-52-24-26-116.us-west-2.compute.amazonaws.com

May 17, 2016

ec2-54-69-198-37.us-west-2.compute.amazonaws.com

April 17, 2016

ec2-54-191-37-5.us-west-2.compute.amazonaws.com

April 17, 2016

ec2-54-148-57-212.us-west-2.compute.amazonaws.com

April 17, 2016

ec2-54-69-11-66.us-west-2.compute.amazonaws.com

April 17, 2016

ec2-52-88-159-85.us-west-2.compute.amazonaws.com

April 17, 2016

ec2-52-35-10-15.us-west-2.compute.amazonaws.com

April 17, 2016

ec2-52-34-170-106.us-west-2.compute.amazonaws.com

April 17, 2016

ec2-52-26-95-11.us-west-2.compute.amazonaws.com

April 17, 2016

ec2-52-25-23-136.us-west-2.compute.amazonaws.com

April 17, 2016

File downloads found at URLs served by www.bitscenterpackage.com.

1 / 68 (PUP)

http://www.bitscenterpackage.com/c?x=uD7Xt51SzGv8VsqB2NazklF vmjLxJ3O5 LlN/Ad13M=&c=0YDzvqziilLOvFKMRXNHEMXL01H LilzeYzLeTE38CcgUTs1EizTJ01mdm/zi8jpTea3z3BR1wv8ICoemENDwPq/09TzKZ Uct3nivstspYBxi8fY5DuXK1DrGw82SHzxFMreOiG6jHgvlQYd6FDaS27zgq1roFyQQ/zq3sofeOnPmdfeJvuHMOtu0KIDoF8&e=0&downloadAs=exe&fallback_url=http://qpdownload.com/data/mhotspot/.../mHotspot_setup_7.6.0.0.exe (exe.exe)

2 / 68 (false positives)

http://www.bitscenterpackage.com/c?x=MXR6Lu76T3R5DPXsIiCEKoSG5vFnFFCkANG qhgRnpk=&c=nJZXdlIHTV7TkTIijwOY9HuAwWmOOLVhhzx/PQiXlQq6 yT7k3AZhP2wOrCHLLoBz8nxss3dBEL9FhAjADJZ/02lImWn9ZWDiFDCU1WNjHfdJf7C UaVtjfpqekt61PRhwhlYPSH4nSjXhxi1TWkFb981Gy1YRaqJo0Pc6/oRbY=&e=0&downloadAs=teamarenademo.exe&fallback_url=http://qpdownload.com/data/quake-iii-team-arena/.../teamarenademo.exe (wrar420.exe)

1 / 68 (Adware)

http://www.bitscenterpackage.com/c?x=MP8YKEWNThPXQFs1RW5ci03kz7A8R9 PWo6FC6Bz0xQ=&c=u4T/Pv4/1ErbrV4pIQm6l31lX9imy7S1oD0vR6fWGCAipFLpcScBGjhhJCchE7ox8D1DMa1yDc/lm9aUho dZ81p9WgLdFzufsZZYm851uId5F/gDqWFQufKuf/rYCAnI/kGjLZEtXQvzxbm0zdZzkr30EdYt/LCmWO7WBxBITI=&e=0&downloadAs=teamarenademo.exe&fallback_url=http://qpdownload.com/data/quake-iii-team-arena/.../teamarenademo.exe (ef5e3e81daa73ae3d08b6a07f9c8f9f1)

1 / 68 (PUP)

http://www.bitscenterpackage.com/c?x=/k8mpNOIIlUlhfADxI7a6/NbuZosC7rSWHcUiqXo70A=&c=RDvCCsoxktwNriMmG9FTiAjbpr8MDMIOGGlDx1iyMH MMJam/F/TB52LSSiMiAiusGQ1dKXDJzX9f K2rdSp5sSbTuWpKeds8i344oYTUVqysYclLpWqJ6 AnsFpFtMS1B5fX31Edbe9tEx8oq1q9G2apJpPM2LE9zLXZ0ObHUM=&e=0&downloadAs=uTorrent.exe&fallback_url=http://windows10portal.com/data/download-utorrent/.../uTorrent.exe (ac7ea1018475f251b9c9da20d073bfae)

1 / 68 (PUP)

http://www.bitscenterpackage.com/c?x=7sAZBBGD iHefeUKSu2NtcQ3WBvYbdCHtb/HhLk3k5M=&c=kt8yBlaDvqSkIczMoFKk/qXp3pkdnkR 0mSb2rHYkbEtynCRtJONu05Jt9hZGQF KWZireR9Ye itMyfrPq9eiogrwRsoXBVq20xQ26qSa7xZWtsCj4CFi34t9ymaUEK&downloadAs=javasetup-win10&fallback_url=http://.../jre-8u60-setup.exe (javasetup-win10.exe)

1 / 68 (PUP)

http://www.bitscenterpackage.com/c?x=cCBbhMrC6touXIEI0YCNgaMBx2 q14KkfOIiEtoe6e0=&c=8JhPLcgOauSTtug9fD k2b1S2T0Bx0qeg9wuxW40RZdnAQ4Uk1n3VCiW5BE u8UDtxlm5CqSqoJeZa2JADTXPShWpzX2tuwaLWh953KaSAIE7kEi0Ogsap8Qn2FhDkAFEG5P1YdGqF dZ22ZhV XNHHKHXlzKLH0vkbYo6walNc=&e=0&downloadAs=mp3gainpro.exe&fallback_url=http://qpdownload.com/data/mp3gain-pro/.../mp3gainpro.zip (fc8c92fd2b300dc4f1ff7691dae5e34a)

1 / 68 (PUP)

http://www.bitscenterpackage.com/WVl6OTRQVUZ4WkV4TU4wdGlWR2xxWkdSQmRtOVNjR0ZvU0hWT1pVeDNWWEo2VVhsaVlubHdZMVZ1VWpkNFdqZ2xNMFFtWXoxcU56SWxNa1p4ZUdRM0pUSkNjMVZsWVVOTFJHb2xNa1pMVDJSa2N6Um5KVEpHYjBGQ05XOTFZbEl6UzJKaEpUSkNibkJ0ZFZCdlVWSjFOMGR5YUhseWJHdEZTVXRpYTJJM2NuTm1SMFl6V25sSVkwZDBRWEp4VFZJeGRXRjJhSGMzU1U1aVJXbEdZa2RGZUhOMWEyNUpNbXRJUTBOeldtTjRUekJySlRKR2F6TjRRWEZYVkVKNGVGQlVKVEpHU3pkNU4xRm1SRGhpVVVoUVkzTk5OalpQV1hvMmR5VXpSQ1V6UkNabFBUQW1aRzkzYm14dllXUkJjejFJVTFNdE15NHpNaTFwYm5OMFlXeHNMV1V0TlRVd0xYQnNZV2x1TG1WNFpTWm1ZV3hzWW1GamExOTFjbXc5YUhSMGNDVXpRU1V5UmlVeVJuRndaRzkzYm14dllXUXVZMjl0SlRKR1pHRjBZU1V5Um1odmRITndiM1F0YzJocFpXeGtKVEpHYVc1emRHRnNiR1Z5SlRKR1NGTlRMVE11TXpJdGFXNXpkR0ZzYkMxbExUVTFNQzF3YkdGcGJpNWxlR1U9 (hss-3.32-install-e-550-plain.exe)

The following 13 files have been seen to comunicate with www.bitscenterpackage.com in live environments.

TCP » 52.33.46.229:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.33.46.229:80

browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.24.26.116:443

online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443

online-guardian-v2.0.9.exe

TCP » 52.33.46.229:80

citrio.exe (Citrio by CatalinaGroup)

TCP » 52.33.46.229:80

TCP » 52.24.26.116:443

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443

036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.33.46.229:80

ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 52.33.46.229:80

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80

browserair.exe (BrowserAir by Goobzo)

TCP » 52.24.26.116:443

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443

Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.