home

www.bodyquickfiles.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
bodyquickfiles.com

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.InstallCore.AGORASA.Installer (M)
100.00%

The domain www.bodyquickfiles.com has been seen to resolve to the following 13 IP addresses.

54.149.195.20
ec2-54-149-195-20.us-west-2.compute.amazonaws.com
June 27, 2016

52.41.114.34
ec2-52-41-114-34.us-west-2.compute.amazonaws.com
June 27, 2016

52.33.46.229
ec2-52-33-46-229.us-west-2.compute.amazonaws.com
June 27, 2016

54.191.246.249
ec2-54-191-246-249.us-west-2.compute.amazonaws.com
June 27, 2016

52.38.209.219
ec2-52-38-209-219.us-west-2.compute.amazonaws.com
June 4, 2016

52.32.12.104
ec2-52-32-12-104.us-west-2.compute.amazonaws.com
May 29, 2016

52.33.165.25
ec2-52-33-165-25.us-west-2.compute.amazonaws.com
May 29, 2016

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 24, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 24, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
May 24, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
May 24, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
May 24, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
May 24, 2016

File downloads found at URLs served by www.bodyquickfiles.com.

1 / 68      (PUP)
http://www.bodyquickfiles.com/c?x=KrpXPboZwOAfS8H7YDlC5D/TxiG7 B676tMIqTrZpiw=&c=nYDOry3dn Aym7lM2xSrT81Fn82RT1FkqS7rrFcuY7qzM6TjZLfNKlBjGvAXtRFvOwKE8r4ZSZIRynAU1/0C5QXmwxoj g1keDy9zFyrwpRCm8r00q e715oSdJVsLogk63GBzD6hxmF xr owrsQw==&e=0&fallback_url=http://bi.sciagnij.pl/0/.../dxwebsetup.exe&downloadAs=installer_DirectX_11_sciagnij.exe  (icreinstall_installer_directx_11_sciagnij.exe)

1 / 68      (PUP)
http://www.bodyquickfiles.com/c?x=oOb t9WfQQELTbxV39vLAwFmLLEqC6wS4JF Q7BNBjc=&c= gU1DLHwysO9vQg4TaYc4/R0eI8ABpcmGmrSyju193LpizRscAVLHDtJxzBxgkIC7MbvVLYqLdlJwtcov1XvixUPXqxnJqnxJ7LN6ShawK IS3CDasTIloDLvJ9nHxOKMGtcjRxyyRpG5n95Bmedw==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_Excel_sciagnij.exe  (c3d6f702c2f725d389ad11030cac50d6)

1 / 68      (PUP)
http://www.bodyquickfiles.com/c?x=GupdIbaJ8ysuCBgHU9SMnWacW4YoPr/3ad6pPg7iJdU=&c=JYDSO/SbTTvyczJr5OmB/UlfAhc5btOSY4zsmEZPe/z8T9KVWez957JLS62qGuVfJBTB000cHsNnyjOIHB KSpX5jdTm6MmMQmuxjHGuhccrUCQl61v6pnQg4HN/FqDb 9/m4FIztxDRfC/k8rw2A==&e=0&fallback_url=http://www.battlefieldheroes.com/.../createHeroSignup&downloadAs=installer_Battlefield_Heroes_sciagnij.exe  (icreinstall_installer_battlefield_heroes_sciagnij.exe)

1 / 68      (PUP)
http://www.bodyquickfiles.com/c?x=Q3vGbpX7RGK4fDK1icC1VMp3vXI75aHaoDyiDOhRm Q=&c=8holjQlxqOi65GLbYMmFeL5YhA8394Fwt1MgGZBV7oA6kjrZyuRLt7hsbGMgv503omJrno5IkhOwh3JyLJQde50kJmFvOyONqCYJ2fp125Y2P7XKLcoUrwXovMO8p6lyrMtyyyF33wgXdJYn9GErkA==&e=0&fallback_url=http://bi.sciagnij.pl/0/.../dxwebsetup.exe&downloadAs=installer_DirectX_11_sciagnij.exe  (icreinstall_installer_directx_11_sciagnij.exe)

1 / 68      (PUP)
http://www.bodyquickfiles.com/c?x=qDLHBOwOwaThSZwaXO3TVY 7yfhCNYjucUe1Ghvy Nk=&c=kCIFIeJUeWObBIyPtzESt8s016iRnBoWnSpAmEkgA mTmmFcWGPbglDTloR486WAlz7 0BVzW9XAEIlW7nNivuzIHFF4m45mcqZAooHkTRi5zxHbbQJaXHaEnFz48Lk7yyd326vJ8fFLyucue1ML/w==&e=0&fallback_url=https://products.office.com/.../try&downloadAs=installer_Microsoft_PowerPoint_sciagnij.exe  (e450e04d1754537aa6d2d3d0c5d1a956)

1 / 68      (PUP)
http://www.bodyquickfiles.com/c?x=nXBjDJBOS3uLy9UzVMmsHAEg2ptHgV8OlRAG5qMPZdI=&c=cDrYqc uYL4tI4sOKIDxjVE9q7xLR8Edg1kqKMvOTnsS4Vg4 /JDD561a/6TcjBDPGWDtbcuy6yqI/llG7PVFkttcBEseYHvgCww61GbnD72OofeJs2pHLS0aIdux9U5ux3GqAbdQ AaQ3fBCW5A2Q==&e=0&fallback_url=http://bi.sciagnij.pl/0/.../pizza2_pl.exe&downloadAs=installer_Pizza_Connection_2_-_Spolszczenie_sciagnij.exe  (d87b501722e62717aff589ee7c46bb6d)

1 / 68      (PUP)
http://www.bodyquickfiles.com/c?x=A7RXquSxBvF8PXIVNvCkAgrCZpQpO5BE87wYwX4WWyo=&c=BjMC3QvaXa7jisC7zBWIaSInDKi7lwbuxOhgr uP/kBJdEOlfWwOkNa2JAomMpIRwyIFydQbXYKHAqY3OLcA5lLYQJR438gXO YLDnUzRyTIAgJ/WsZfA9VZL4JcJqVMtgpRcVndRrFFsGJUlxwAeg==&e=0&fallback_url=http://bi.sciagnij.pl/0/.../dxwebsetup.exe&downloadAs=installer_DirectX_11_sciagnij.exe  (icreinstall_installer_directx_11_sciagnij.exe)

1 / 68      (PUP)
http://www.bodyquickfiles.com/c?x=BEo1vMsnWrmMS2zNp7UpG11SPyoYOCaDmY0ocGHr9Q8=&c=R1JFEZ5RTfq0yg/NU6jx8Zhn7jYdh1j5Dch8YE6fBkanjuR6CjugxJx6P Wo2xds5d8POiiFgfuuc9v3GHB9RAaIoYZ kS8ydRf8xFes WaWyICpXzW7PxGvG9HEgZce&fallback_url=http://downloadmirror.intel.com/23405/.../Win64_15338.exe&downloadAs=installer_Sterowniki_Intel_HD_Graphics_Driver_dla_Windows_7_i_8_x64_sciagnij.exe  (5d7a313e958567523e2cfb1af110a757)

1 / 68      (PUP)
http://www.bodyquickfiles.com/c?x=i4Xe1 Fi2XxCljDn6P4SKgtPnQvU9lDYBswGScQvLlk=&c=cx3jkpH r6So1 3Cn8vv5LZv9yUYFnIT/XvXi08cKgavMQObIoPDaJNPxyqGi Rx0GDk5WIRQ5wycD5rhqUdJ3 bnK0h2BiSU5nPxve3w4J4xDiR/.../pIKcSdnafne6RZ97Dx3IifJuJN3txd6m18Q==&e=0&fallback_url=http://bi.sciagnij.pl/0/.../SDI_R323.zip&downloadAs=installer_Snappy_Driver_sciagnij.exe  (da2064b599eb16425d7ba6caf12166a0)

1 / 68      (PUP)
http://www.bodyquickfiles.com/c?x=Od7zLeb7nRvFcYivu4YM0NvQgx03pT1bdQ42RuHIl0M=&c=Z4vTxOSGyQtSl98pzEukfpXlZMMWvhp0lFipBKugn4 7aFOJ9IbqjIYkWUBhG40wdGycBh7gnT3Pkzir3BRvPX2kzDrWWKNUWe3SmC6Jz0 tVqgXOSSy3DiuJzXZ9pRy4H3z 2C4cdHA6tWMLjYaCQ==&e=0&fallback_url=http://www.speedyshare.com/.../bloodrayne-2-v12.zip&downloadAs=installer_Bloodrayne_spolszczenie_sciagnij.exe  (545f4869e63715b5597441cb1dadd004)

The following 23 files have been seen to comunicate with www.bodyquickfiles.com in live environments.

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.33.46.229:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.38.209.219:80
browser.exe (Browser)

TCP » 52.33.46.229:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 52.33.46.229:80
Client.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.33.46.229:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 52.33.46.229:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
browserair.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80
3.9.0.128_20140916045038.exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80
e5be.tmp

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

TCP » 52.38.209.219:80
client.exe

 
Latest 20 of 59 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.