home

www.bodydownloadscontent.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
bodydownloadscontent.com

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.NewMedia.NMH.Bundler (M), PUP.InstallCore.RE11 (M)
100.00%

The domain www.bodydownloadscontent.com has been seen to resolve to the following 6 IP addresses.

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
May 16, 2016

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 16, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 16, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
May 16, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
May 16, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
May 16, 2016

File downloads found at URLs served by www.bodydownloadscontent.com.

1 / 68      (Adware)
http://www.bodydownloadscontent.com/c?x=g/mmXXAs Z/V48R9d8YYxHXmAPvZ1apCEguBJ90lpbA=&c=eDWnwPic55GtOQLinm zBB86eiJe/zGD6z20Jkh EZNHoCzXVcCJeUBbI5GYRKl0WVInU2kavTHfw6jS/z5JixSwPloyIFj8YgEWQq59FLbMwyZfk2BDEB9nZYO7abXlGAo5vCqxK3HspJX/LotwaVPL7YroZL5VEAnzVB CMH0=&e=0&downloadAs=vlcsetup-win10&fallback_url=http://.../vlc-setup-win10.exe  (vlcsetup-win10.exe)

1 / 68      (Adware)
http://www.bodydownloadscontent.com/c?x=fCmbi73zuHxCA 5F2Cbprgpmn2SXD9pu1dd9efSdW/w=&c=WjPN52FdoFqpeYG8WQOMqaFaxOFvSfI uj SB/DgYhc6VgmpqInqlF3hSky452Yl7d1iqgRDGXSCg9AboPeXWYpbA3lCVecnj0VbDsNnQElgDNAvU10i1l628ULairHNzEweWa79iZemfuEu2Aft9XtKe1EB0QMJxNWgXNP3va4=&e=0&downloadAs=uTorrent.exe&fallback_url=http://windows10portal.com/data/download-utorrent/.../uTorrent.exe  (077aaff3a8c88e89bf41768c6a5d29ff)

1 / 68      (Adware)
http://www.bodydownloadscontent.com/c?x=hmyBqep ZT7zRLvJyBfl8orycXqIuw4IzgudNgkVdjU=&c=8SwwgSkIJ14Q74/HYje87MsWMxHvfQGTnuI/2K9i7cFWfKEfFR33YwjgPcPZ0E 4MFz0VirsX/BorfIOgbPUXI8dJbxdHy55WRx qfQsk3H5k8LB5wXigG5DwW6gI93yGsCV0iLCP/IJmUpI9 O48DJC2UNtUBwi8lLaYbbqm8=&e=0&downloadAs=exe&fallback_url=http://qpdownload.com/data/mhotspot/.../mHotspot_setup_7.6.0.0.exe  (exe.exe)

1 / 68      (Adware)
http://www.bodydownloadscontent.com/c?x=fO36/2 qygD naXVI4m25OFLxLZN2RE763Ses5QLAKY=&c=lddMFCmds9SD2kuvwk53IHXm1ve5nuAA88vniKn5FNq0ywfZSi2MPLx1pTMautHwjTBu4AYawjTLRvml57Gr9crSmLhX4NTLZJix8/RPUQN/DRExhgj3 3aU2l 33MaO&downloadAs=flashplayer-win10&fallback_url=http://.../flashplayer19ax_ra_install.exe  (flashplayer-win10.exe)

1 / 68      (Adware)
http://www.bodydownloadscontent.com/c?x=CTHMAJWsQSfmu7qUnuDzWhtAIboMnReZtihvyToymmo=&c=5bg dWCU0hSy5WXgdx7LOm/KlS8XUSKLAl0WQMCufyluliJCXa73fTHJPiSag70T33PJzzA73wpx n6VUm/K9H39ApLIloiqRBYDYQYybel2wo0NzhRHyYDOhspr9iiQ&downloadAs=Firefox_Setup.exe&fallback_url=http://windows10portal.com/data/download-firefox/.../Firefox_Setup.exe  (32331ca0df18a1867b2bf602e4de2851)

1 / 68      (Adware)
http://www.bodydownloadscontent.com/c?x=hDIFKAullXpR82mvJw2JFsdXezk4Iz4BRHoPz3muQ8o=&c=ZLyqd7wukl2/ytdzlW5QR tuXQ5l rI9VmjzXbbauoz6lPJ pjxhAc67TqttbsX0xr9LUbfVrlvn0ES8RY52h2AHnJSH LrW3UyGkkPHNH4E4OzJc4t8WQlKR2i XojJe6I3DhPmdyW6JGVJDH9r8z5qhbovt0 qmNXz5875/Qg=&e=0&downloadAs=CheatEngine63.exe&fallback_url=http://qpdownload.com/data/cheat-engine/.../CheatEngine63.rar  (4340f4c958406d6ee8cc5f84cc967732)

1 / 68      (PUP)
http://www.bodydownloadscontent.com/c?x=CXyhCYefU7FKSa5UCdR2pA76TJdBtQ0/ck/6XSElTPo=&c=5WYIU joT/0OcVe91yypZt2UCF8 X9TNm PxhFxLKXiUCzKECSlPE5CmBVpTfIeM9Qd liHnQicMbMc 6hgd7eg/290iSwFE9rLh82J61wHThAOm5KUa4CRjbuhBRSwQOBE1BQVRgj5Gn1f9FnqEtEX5XY1wN28Sj 5IWaVi8S5szZy71KYhJzKBuql1aB0M&e=0&downloadAs=AllFree3GPVideoConverter.exe&fallback_url=http://qpdownload.com/data/all-free-3gp-video-converter/.../AllFree3GPVideoConverter.exe  (0a1c3c434a65a18f7d5a672cf5735fd1)

1 / 68      (Adware)
http://www.bodydownloadscontent.com/c?x=TUhwIGOhI8Wv H60CskCFtzvzP/xhjvbKVI5vytwOaA=&c=tnKyQzn5m71g/KDUjylHc3kSDG5XVbNwz3yKZM57z6TZw5BpoTj/xE9l4a/WVmKT5z2ID4U4MKlxbWbRC/3a6MkOAy63B/Sx7vHdrtbzpm3k1E/FGhoRVAVacmjEvBJg&downloadAs=winrar-win10&fallback_url=http://rarlab.com/.../wrar521.exe  (winrar-win10.exe)

The following 6 files have been seen to comunicate with www.bodydownloadscontent.com in live environments.

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.