home

www.bulktownapplication.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
bulktownapplication.com

Scanner detections:
Detections  (64% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.installCore.MICROMAXSTUDIO.Installer (M)
100.00%

The domain www.bulktownapplication.com has been seen to resolve to the following 11 IP addresses.

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 15, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 15, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
April 19, 2016

52.26.95.11
ec2-52-26-95-11.us-west-2.compute.amazonaws.com
April 17, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
April 17, 2016

52.34.170.106
ec2-52-34-170-106.us-west-2.compute.amazonaws.com
April 11, 2016

52.25.23.136
ec2-52-25-23-136.us-west-2.compute.amazonaws.com
April 11, 2016

54.191.37.5
ec2-54-191-37-5.us-west-2.compute.amazonaws.com
April 11, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
April 11, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
April 11, 2016

52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
April 11, 2016

File downloads found at URLs served by www.bulktownapplication.com.

1 / 68      (PUP)
http://www.bulktownapplication.com/c?x=sMW8EN90TSdMRzyakdGT8NnS1eXrrRIgIy2DeifXiu8=&c=ap8MRqPVq uvWkp6R4jL loF6iRObnicSw7VPuz904NWmiLMUpcDJMxCNz0nM PMggdSSAYPPfCPUlA2Ye6PwRMZot6WudcOC414XlGCoV6bLKA0yMvaXMC8UVDn3ewQ&fallback_url=http://res.prograbay.com/.../ExcelViewer_fr.exe  (icreinstall_excelviewer_fr.exe)

1 / 68      (PUP)
http://www.bulktownapplication.com/c?x=M9rd0uQ4PTfodNUIvqMNdthhghzU2F KE7M uNM7w3o=&c=Q5n92itnly6UK0Onf2ZJIA566IFC7DV41uVlPATZLJiToOdnRaVhWIQ0l4JHr0O mqZ5aH3nhNwF9 HG9BjL1HKCChyfW9Dg7oxBfPjoweiM4nF20aQvpj IB9mS7IkY&fallback_url=http://res.nobistex.com/cache/upch/.../UpdateChecker.exe  (2f2bc2548d18b12cde65f9f6ab05ca87)

1 / 68      (PUP)
http://www.bulktownapplication.com/c?x=3007EPByNOUmvexgtEIR 6DHN fBxDFDV22KM5qdh0s=&c=OWlCgHrKTcaNI1Wzaa0HssS FuUjcOMb9X954XVA5 iPkix2xIeRyJ/cmtxpZZ9rrD6R7AgplCHLdy5kc3eCriTdUChQE7Ns8GceVufRUHmJfKQ4PNzIlBmoJcvXOydz&fallback_url=http://res.mshist.com/.../FalloutShelter.exe  (icreinstall_falloutshelter.exe)

0 / 68
http://www.bulktownapplication.com/c?x=XSEWJZB5K3dh4VqqCVE6tC7fsKaPpzAijNyyDz86FAo=&c=5vlM569ElghjpvxPfnSenDlvVhjlmDAwoAdGwC0r2bkDwGRgVZrGsukAaHoSL9p/lIGjlV5gwN9 a6lpoqDsCEPtd/hCe1QvCWtSe77QQf2yludvxe0FlWCr8AIK9xp3&downloadAs=PowerISO6.exe&fallback_url=http://download.cnet.com/.../3001-2646_4-10439118.html?hasJs=n&hlndr=1  (b8a6c3efa365c430d76c9b34e031a2dd)

0 / 68
http://www.bulktownapplication.com/WVl6OTRQVFV3SlRKR1VtTTRNbVZzVFZWd2FWQndOak5IU1VOT2MzZFBkV00zUWxCcFVHWndVRGNsTWtaUlFTVXlRa1Z2WXpnbE0wUW1ZejFxVXpSeU5VbzJSakZaWldjeWNWQTRlVmhXWTFoTWNreDZaRXRPTWpSd1FtNXVNSFJ4T1RKWGEzWWxNa0pCWjIxMlVtVmtWMjFoZGpoUldtVmFkMDR5VVVKak0yNDFNMWxETVdKb2JYcGpVSGxIWVVSNFdqVlBOelp2UlVkSk1qUldkVWRyWmxONk5reFJRbTUxY2pSS2IzcEdXVGQ0TlZZelVrNUVVamMyYXpOdUptWmhiR3hpWVdOclgzVnliRDFvZEhSd0pUTkJKVEpHSlRKR2NtVnpMbTV2WW1semRHVjRMbU52YlNVeVJtTmhZMmhsSlRKR2RYQmphQ1V5Um0xcGJtVmpjbUZtZENVeVJsVndaR0YwWlVOb1pXTnJaWEl1WlhobA==  (updatechecker.zip)

1 / 68      (PUP)
http://www.bulktownapplication.com/c?x=3xzxXVdBm2nBf9nM mqIr7L Y02o7tA6VEcX64mCXfg=&c=QrKY7Qj518lMA 5 Ox2 cZ2NlLYwivQWvGa4bC4/AG0bmFiMQ/Hp9s2fgib3Y9zApQs9ZQIe1LAlMACNt1UIlEl0iL1eIAlJnR5mzME2QsW68zk4K aALE2oq 4oyhGZ&fallback_url=http://res.hufftos.com/.../Firefox_Setup_21.0_fr.exe  (icreinstall_firefox_setup_21.0_fr.exe)

1 / 68      (PUP)
http://www.bulktownapplication.com/c?x=xm2oVPZsW01LPfGUq4CWoy8wDNBKfusLftdmOvp9XEo=&c=8Hcqe/0xDV3p/7t3PzlrCaaglYokMHxTfnO1HE6PVq6W7t8Ti8vjwsl5d91y0SGBW8qFD c0mRAVLt/D80FzIE4nmvp1Nx2LmbBIMsbah4R6ZiAyeabY2tgQOQk83I30&fallback_url=http://res.mshist.com/.../LeagueofLegends_EUW_Installer_9_15_2014.exe  (e74701fc87476d09ea29e6c787dfac94)

1 / 68      (PUP)
http://www.bulktownapplication.com/c?x=SlQflidY1oWjnVyegIiFaeKtemeWbRztphtbmLGZfaA=&c=kPb3oPhowdARTcPn7CtsH2D1uSHkz sJdtvYibXq/twslYa885m3wwaFZp5Y/mmoj6Uk TL1wgl5vN43m8OosYld8jjTN0iLYdQsEB/vwjBOQ7WU8MO/hrTJHm0PeFX8&fallback_url=http://res.hufftos.com/.../ChromeSetup_fr.exe  (8092e80b7335c65ebf2c84914b4e60b3)

1 / 68      (PUP)
http://www.bulktownapplication.com/c?x=xRAmf2XtEZGOhUgU5jPwcS9UVVorR1thqjjXc PEsn4=&c=SwBm 2ZmbS2nyOFqGTMptQYN2prxu5xjsqT7ufh/pbXHQv8HTMUiQY/1C634OzMI153coIKHkY90r2rzlYDOnw/j9fSGYpRzMUYCWwHJfoYz8z4Q/cKsXoGVsDxMgXEd&fallback_url=http://res.hufftos.com/.../Firefox_Setup_21.0_fr.exe  (icreinstall_firefox_setup_21.0_fr.exe)

0 / 68
http://www.bulktownapplication.com/WVl6OTRQVmhuYWs4emRrZEpZVkJ2Y1dGM2VWVnFRU1V5UWtsd1pGcHdNRGhFTXpSdU4wVlFlR1pZUlV3ME5rTndWU1V6UkNaalBVTk1UalJYUW05RlRIRjVaMUl5YVRZMmFuSjBZMUZXWnpoMmRuSTFiRmRqVkVwVE1rMHdkbXhaUVVvbE1rSlNOMHd3VjFkSlJrdHlXalJxZFRKcWVrRWxNa0paUW5WbWMxa3pXVFZuVXpCYVRHOXZaV2h3VW5kV1RrUkJVSFk1U25KaWIzUldTVTVvTWlVeVFuTTFNa280YmsxeldESmtkVTAwWkdjbE1rWm1WMHh1VFhOR1dVTW1aRzkzYm14dllXUkJjejFRYjNkbGNrbFRUell1WlhobEptWmhiR3hpWVdOclgzVnliRDFvZEhSd0pUTkJKVEpHSlRKR1pHOTNibXh2WVdRdVkyNWxkQzVqYjIwbE1rWlFiM2RsY2tsVFR5VXlSak13TURFdE1qWTBObDgwTFRFd05ETTVNVEU0TG1oMGJXd2xNMFpvWVhOS2N5VXpSRzRsTWpab2JHNWtjaVV6UkRFPQ==  (poweriso6.zip)

0 / 68
http://www.bulktownapplication.com/WVl6OTRQV0YxV0doM1VWcFhUSFJ4SlRKQ2MxUnZRMGsyVFZGMFNraEllazE1YWxOaFFXNUphbHBHWkc1bVRIZE5aeVV6UkNaalBXSjNSMmRUVTJwdlVVdENibUo0SlRKQ2NHUlRUMEp3U1VweFltVktOVzFMYVhOVVpDVXlSazg1T0ZGM1kwaHRTWEFsTWtacVIyeHFXbEExVldrd2JHMUZVSE5EUWlVeVJrZGlTSEJuZW5sRFQzZEVTV1ppZWt4MVNsTktkVXRIYTBGb1RYZ3liWElsTWtKS1lVWTJVMGgyVFhGTGVYUmxZMVJoTlZWNGQyNXZaR3B0YW1FNFRXSkZZU1ptWVd4c1ltRmphMTkxY213OWFIUjBjQ1V6UVNVeVJpVXlSbkpsY3k1d2NtOW5jbUZpWVhrdVkyOXRKVEpHZDI5eVpIWnBaWGRsY2lVeVJuZHZjbVIyYVdWM1gyWnlMV1p5TG1WNFpRPT0=  (wordview_fr-fr.zip)

1 / 68      (PUP)
http://www.bulktownapplication.com/c?x=tXquFEYxeF9QGWtCFT1QHbXSYrKbucKC0ydNm3J2nt4=&c=1wYz0Xbnh3HsrlprGd1tHNJOqOI0So9FjyGzm25k vlK9 lo9AEEVdxPpoVTbSJcSv9JMIRvQgGBEfjMkDGOWiJXY08LnuZbc5nuAa6HXrXYao4P2eiNttT9ZTAtobYe&fallback_url=http://res.prograbay.com/.../Nero_BurningROM-12.0.00300_trial.exe  (df4d268e305421238cdcf87b5b460dbd)

The following 6 files have been seen to comunicate with www.bulktownapplication.com in live environments.

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.