home

www.bulkfunbody.com

Domain Information

Server location:
Washington, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:
bulkfunbody.com

Scanner detections:
Detections  (80% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.installCore (M), PUP.InstallCore (M), PUP.InstallCore.RES (M)
66.67%

ESET NOD32
Win32/Delf.NRJ worm, Win32/InstallCore.AFV potentially unwanted application
33.33%

McAfee
W32/Gnamer, Virus.W32/Gnamer
22.22%

avast!
Win32:Agent-AODJ [Trj]
22.22%

Dr.Web
Trojan.Inject1.28681
22.22%

VIPRE Antivirus
Virus.Win32.Grenam.a, Threat.4775899
22.22%

Emsisoft Anti-Malware
Worm.Generic.377772
22.22%

Microsoft Security Essentials
Virus:Win32/Grenam.A, Threat.Undefined
22.22%

Bkav FE
W32.FakeExeYHPtv
11.11%

MicroWorld eScan
Worm.Generic.377772
11.11%

nProtect
Trojan/W32.Agent.534016.BS
11.11%

Quick Heal
W32.Grenam.A
11.11%

Malwarebytes
Trojan.Renamer.DF
11.11%

K7 AntiVirus
Trojan
11.11%

NANO AntiVirus
Trojan.Win32.Renamer.lnwkz
11.11%

The domain www.bulkfunbody.com has been seen to resolve to the following 38 IP addresses.

52.85.142.18
server-52-85-142-18.iad12.r.cloudfront.net
June 5, 2016

52.85.142.232
server-52-85-142-232.iad12.r.cloudfront.net
June 5, 2016

52.85.142.214
server-52-85-142-214.iad12.r.cloudfront.net
June 5, 2016

52.85.142.179
server-52-85-142-179.iad12.r.cloudfront.net
June 5, 2016

52.85.142.157
server-52-85-142-157.iad12.r.cloudfront.net
June 5, 2016

52.85.142.88
server-52-85-142-88.iad12.r.cloudfront.net
June 5, 2016

52.85.142.79
server-52-85-142-79.iad12.r.cloudfront.net
June 5, 2016

52.85.142.40
server-52-85-142-40.iad12.r.cloudfront.net
June 5, 2016

52.84.125.146
server-52-84-125-146.iad16.r.cloudfront.net
May 22, 2016

52.84.125.135
server-52-84-125-135.iad16.r.cloudfront.net
May 22, 2016

52.84.125.116
server-52-84-125-116.iad16.r.cloudfront.net
May 22, 2016

52.84.125.73
server-52-84-125-73.iad16.r.cloudfront.net
May 22, 2016

52.84.125.56
server-52-84-125-56.iad16.r.cloudfront.net
May 22, 2016

52.84.125.19
server-52-84-125-19.iad16.r.cloudfront.net
May 22, 2016

52.84.125.242
server-52-84-125-242.iad16.r.cloudfront.net
May 22, 2016

52.84.125.176
server-52-84-125-176.iad16.r.cloudfront.net
May 22, 2016

52.85.142.135
server-52-85-142-135.iad12.r.cloudfront.net
May 18, 2016

52.85.142.198
server-52-85-142-198.iad12.r.cloudfront.net
May 18, 2016

52.85.142.210
server-52-85-142-210.iad12.r.cloudfront.net
May 16, 2016

52.85.142.192
server-52-85-142-192.iad12.r.cloudfront.net
May 16, 2016

52.85.142.98
server-52-85-142-98.iad12.r.cloudfront.net
May 16, 2016

52.85.142.28
server-52-85-142-28.iad12.r.cloudfront.net
May 16, 2016

52.85.131.19
server-52-85-131-19.iad53.r.cloudfront.net
April 5, 2016

52.85.131.17
server-52-85-131-17.iad53.r.cloudfront.net
April 5, 2016

52.85.131.239
server-52-85-131-239.iad53.r.cloudfront.net
April 5, 2016

52.85.131.183
server-52-85-131-183.iad53.r.cloudfront.net
April 5, 2016

52.85.131.155
server-52-85-131-155.iad53.r.cloudfront.net
April 5, 2016

52.85.131.141
server-52-85-131-141.iad53.r.cloudfront.net
April 5, 2016

52.85.131.44
server-52-85-131-44.iad53.r.cloudfront.net
April 5, 2016

52.85.131.39
server-52-85-131-39.iad53.r.cloudfront.net
April 5, 2016

 
Showing 30 of 38 IP Addresses

File downloads found at URLs served by www.bulkfunbody.com.

1 / 68      (inconclusive)
http://www.bulkfunbody.com/.../installer.exe  (e4d523652c0b2a030b23aca13ddadf20)

1 / 68      (PUP)
http://www.bulkfunbody.com/.../installer.exe  (6fac96706d6d63f05e9552a602dd95f6)

1 / 68      (Malware)
http://www.bulkfunbody.com/.../installer.exe  (76d3ba27f4a80aaf0172060fec1631e2)

7 / 68      (Malware)
http://www.bulkfunbody.com/.../installer.exe  (javasetup.exe-.exe)

1 / 68      (PUP)
http://www.bulkfunbody.com/.../installer.exe  (16f0e362ceda2fd15cda99b2e54584e4)

39 / 68    (Malware)
http://www.bulkfunbody.com/.../installer.exe  (freevideocutter_setup.exe)

1 / 68      (PUP)
http://www.bulkfunbody.com/.../installer.exe  (873c5755161c31a022956a5d2495df11)

1 / 68      (PUP)
http://www.bulkfunbody.com/.../installer.exe  (923ab6078f72435521b88d68bd076bb0)

0 / 68
http://www.bulkfunbody.com/.../installer.exe  (ebec15e2e116965c68fb5d1a38175dbd)

1 / 68      (PUP)
http://www.bulkfunbody.com/.../installer.exe  (5628aa2c8b6c163ba59cc72a55999e36)

The following 58 files have been seen to comunicate with www.bulkfunbody.com in live environments.

TCP » 52.84.125.146:443
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.85.142.51:443
UCBrowser.exe (by UCWeb)

TCP » 52.85.142.214:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.216:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.179:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.227:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.18:80
jingling.exe

TCP » 52.85.142.79:80
browser.exe (Browser)

TCP » 52.85.142.135:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.214:443
jingling.exe

TCP » 52.85.142.216:80
Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.85.142.232:80
mobogenieP2sp.exe (mobogenie by mobogenie.com)

TCP » 52.85.142.216:80
Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.85.142.18:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.214:80
browser.exe (Browser)

TCP » 52.85.142.40:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.79:443
messengertime.exe

TCP » 52.85.142.201:443
browser.exe (Browser)

TCP » 52.85.142.98:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.85.142.214:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

 
Latest 20 of 178 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.