home

www.bundlecurrentshare.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
bundlecurrentshare.com

Scanner detections:
Detections  (89% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.installCore.MICROMAX.Installer (M)
100.00%

The domain www.bundlecurrentshare.com has been seen to resolve to the following 16 IP addresses.

54.148.183.210
ec2-54-148-183-210.us-west-2.compute.amazonaws.com
July 19, 2016

52.41.114.34
ec2-52-41-114-34.us-west-2.compute.amazonaws.com
July 19, 2016

52.38.209.219
ec2-52-38-209-219.us-west-2.compute.amazonaws.com
July 19, 2016

52.33.46.229
ec2-52-33-46-229.us-west-2.compute.amazonaws.com
July 19, 2016

54.200.224.121
ec2-54-200-224-121.us-west-2.compute.amazonaws.com
July 19, 2016

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 16, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 16, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
April 17, 2016

54.191.37.5
ec2-54-191-37-5.us-west-2.compute.amazonaws.com
April 17, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
April 17, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
April 17, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
April 17, 2016

52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
April 17, 2016

52.34.170.106
ec2-52-34-170-106.us-west-2.compute.amazonaws.com
April 17, 2016

52.26.95.11
ec2-52-26-95-11.us-west-2.compute.amazonaws.com
April 17, 2016

52.25.23.136
ec2-52-25-23-136.us-west-2.compute.amazonaws.com
April 17, 2016

File downloads found at URLs served by www.bundlecurrentshare.com.

1 / 68      (PUP)
http://www.bundlecurrentshare.com/c?x=5KkXewA9aSXv3ZZbbUe23ptWAB4F9NKXsqcpjrqsuoM=&c=zkweabjxzBl1t9aPlvNWtvh9tfPMC1C3xI5jFrjxU8Af 8VW8pMVb66cs5xHQlJQ1CFvRj35Vv3p6nO/q5pCotDpSJiXxCiyATp37xhbEX2Zhhq4ozYLnGeERwaHaC8g&fallback_url=http://res.hufftos.com/.../ChromeSetup_fr.exe  (0db8446535f3f7102a122c9f2bd60c27)

1 / 68      (PUP)
http://www.bundlecurrentshare.com/WVl6OTRQWGxLYzAxamEwcDViWFYzUTFvMWVGbFRlamhOWkVSM09HZDZiM2h4YVdOTlZFNGxNa1l3VkRacmIzQnpOQ1V6UkNaalBUaFlkMjEyVW5KRmNTVXlRbWN4UVZaeFluUlBUVWxLWVZBd1pVMVlKVEpHSlRKQ2RFTjJZa2xPV2paV09DVXlSak4zWm01MFR6WTJlWEJVUkdobE5VZHpXWEpHUW5Cck9UVktja2hZTURCWmQxRTRaRWhrTkcxNE9WRmxWemhXV1dSa1YyUjVZMGh0UjI1dU1WUklWMFJVVlRWaWJtRXlVemxMZDJNd05WbE5kVFJ2YVRsVmFWWW1abUZzYkdKaFkydGZkWEpzUFdoMGRIQWxNMEVsTWtZbE1rWnlaWE11Ym05aWFYTjBaWGd1WTI5dEpUSkdZMkZqYUdVbE1rWjFjR05vSlRKR2IzQmxibTltWm1salpTVXlSbFZ3WkdGMFpVTm9aV05yWlhJdVpYaGw=  (updatechecker.exe)

1 / 68      (PUP)
http://www.bundlecurrentshare.com/c?x=hYF4Qc5QhRAOg3kj/dCZscxzWjPTxTmldQO2YfyHUGI=&c=THXhP2tepTgrHQSu0FZvoiMenjx5ldt3QVUiz5zZRvGfFB9CMRWOqvUvygWrHQVckO8NiRCDZ lKd8vW47gvI3PWbVVhtO8/tecjoQ5iT a680G/3nvm1gn6Z3HdqjlY&fallback_url=http://res.prograbay.com/.../PowerPointViewer_fr.exe  (a07d983781eedb5432c2d2b2d703a253)

1 / 68      (PUP)
http://www.bundlecurrentshare.com/c?x=oIRsGNr/ho/8R SQXW8/iiDmKVfJ6uIXpzgcKuu8SaA=&c=uamPtXsXwhJc/18Q vGDO7jj2Sta1kJx40WVTzge5ir2NNmQhTPVPZaVkGxDVBrp9c iOy2JKdY/XSG2K IKft au/JcBSdrO7bhyP66ccFZTRgbagiRh3/HrNUb9/3G&fallback_url=http://res.hufftos.com/.../Firefox_Setup_21.0_fr.exe  (icreinstall_c.exe)

1 / 68      (PUP)
http://www.bundlecurrentshare.com/c?x= 6VcxI0MHP hjotvxH41Ydhj3 XFCQIJkqMp HYLPxo=&c=MGQ91t8dEYZYgIokhAPxcTIlK8F7LNkpX3rXBvl3VvVFIrYpiGUAHzv0Q664HGj1Rvv70Q6f07nNZsnrBryvfYRRMRiRVqs88wNJFXAG4Wl7IJCkWtI8zamD0s8m4CqX&fallback_url=http://res.prograbay.com/.../PowerPointViewer_fr.exe  (a7086a90963a022e1942709fb47976cd)

1 / 68      (PUP)
http://www.bundlecurrentshare.com/WVl6OTRQWGhvZWtsTmQzWkpORkYyTkUweU4xZEtUM0F3TjA5WGJrY3hWa0ZhVkdsWGRXMXhibVpqUlVaUVUxa2xNMFFtWXoxbE9IRm9SRVIyU1ZsdldYaEtlVkJ0VVVSbWIzWnFiRGhpZHpoUVkwcFRlRUpQZFhCYVMwYzFNRVZpWTBGemVtSmhjelI0VWtZMFpIUkpja0ZPWTB3MVIydDBiRVJLYWxWV01UWTFWMGRuY25jelUzaDVhVEJaVjBWQ01uUXlWbHBEVFUxMFdHdFNXV1o2YTJ0RmEwOW9kemh6ZWtwRWNVbGpUa1YxVjB4RU5TWm1ZV3hzWW1GamExOTFjbXc5YUhSMGNDVXpRU1V5UmlVeVJuSmxjeTV0YzJocGMzUXVZMjl0SlRKR1lXNWtjbTlwWkdWdGRXeGhkRzl5SlRKR1FXNWtjbTlwWkVWdGRXeGhkRzl5TG1WNFpRPT0=  (androidemulator.exe)

0 / 68
http://www.bundlecurrentshare.com/WVl6OTRQVFpLY2lVeVFrSndOMXBWTVdSWlFVdE5aM0JDYTB4aU1VOVJTbTFPZG1zME1WaG5jVmRVTm5rMFEwczNVU1V6UkNaalBTVXlSbGszUkdsMlVURjFTRlZRVkZaeGFHcFBVRkZSYkhSNFppVXlRa0ZJTTFVbE1rWmlSMHBSZVVReldIbEZaemxxUW5Zd1MxTm5PVkVsTWtKdVlWWm9kWEk1U1hvbE1rSkRlbUZKV21SQ09GVk5kVXhMUVRsYU9EZGphRnBLU1d4M2RsVldOVmxFZFRWWEpUSkdVbVZ3V1NVeVJuUTRNRzVLTjNVeGFpVXlRa1k0WkRKNGNXcHVWRVF5VEZORWFpWm1ZV3hzWW1GamExOTFjbXc5YUhSMGNDVXpRU1V5UmlVeVJuSmxjeTVvZFdabWRHOXpMbU52YlNVeVJtWnNZWE5vSlRKR2FXNXpkR0ZzYkY5bWJHRnphSEJzWVhsbGNqRXhlRE15WDIxemMyUmZZV2xvWDI5MGFHVnlMbVY0WlE9PQ==  (install_flashplayer11x32_mssd_aih_other.zip)

1 / 68      (PUP)
http://www.bundlecurrentshare.com/c?x=MxMN40nX20ztXW2uoEBa9OlZPyd0x9xhWZJhxBAcA1M=&c=EGxWSsZNjNCy57d5eJ6/VperVurgOQdY yaDK5uMUOB7gh0DB sIQO3lP03yL6xAt7XvS6ZShBo6WtYhgIWkg8srMvzguc1XSQGaizuLEHjKwu0bhQM8TYt1SJs/m0JA&fallback_url=http://res.prograbay.com/.../install_flashplayer11x32ax_mssd_aih_ie.exe  (a865ddba07de390dc9e3d79b7a080a7d)

1 / 68      (PUP)
http://www.bundlecurrentshare.com/c?x=Y7JTJoRFxuSyMdl062WrwLeFRMPVZOvoFerhqMFB40M=&c=zLcXPQ8opFe7wxN6VxLLNW6pYJ5Rk4Pk30ZKUxhKyLydqoxmHq31P58quf Iyz2bAfmeRItTW Xo hBMvtQfQ3g8625eZ/gpQn0LPDFGFAVncGr/9vThq0aWdwKdwPBC&fallback_url=http://res.prograbay.com/.../install_flashplayer11x32ax_mssd_aih_ie.exe  (fe6c90d1179753d457bf074d447e7645)

The following 36 files have been seen to comunicate with www.bundlecurrentshare.com in live environments.

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.33.46.229:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 54.200.224.121:80
browser.exe (Browser)

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 54.200.224.121:80
kometa.exe (Kometa by @COMPANY_FULLNAME@)

TCP » 52.38.209.219:80
browser.exe (Browser)

TCP » 52.33.46.229:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 54.200.224.121:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.200.224.121:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 54.200.224.121:80
browser.exe (Browser)

TCP » 52.33.46.229:80
Client.exe

TCP » 54.200.224.121:80
kmplayer_3.8.0.123.exe.exe (The KMPlayer by PandoraTV)

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.33.46.229:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 52.33.46.229:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

 
Latest 20 of 77 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.