home

www.bytetagranch.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
bytetagranch.com

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.installCore.MICROMAXSTUDIO.Installer (M)
100.00%

The domain www.bytetagranch.com has been seen to resolve to the following 16 IP addresses.

54.191.246.249
ec2-54-191-246-249.us-west-2.compute.amazonaws.com
July 3, 2016

54.149.195.20
ec2-54-149-195-20.us-west-2.compute.amazonaws.com
July 3, 2016

52.41.114.34
ec2-52-41-114-34.us-west-2.compute.amazonaws.com
July 3, 2016

52.33.46.229
ec2-52-33-46-229.us-west-2.compute.amazonaws.com
July 3, 2016

52.32.12.104
ec2-52-32-12-104.us-west-2.compute.amazonaws.com
July 3, 2016

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 15, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 15, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
April 18, 2016

52.26.95.11
ec2-52-26-95-11.us-west-2.compute.amazonaws.com
April 18, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
April 18, 2016

54.191.37.5
ec2-54-191-37-5.us-west-2.compute.amazonaws.com
April 12, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
April 12, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
April 12, 2016

52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
April 12, 2016

52.34.170.106
ec2-52-34-170-106.us-west-2.compute.amazonaws.com
April 12, 2016

52.25.23.136
ec2-52-25-23-136.us-west-2.compute.amazonaws.com
April 12, 2016

File downloads found at URLs served by www.bytetagranch.com.

1 / 68      (PUP)
http://www.bytetagranch.com/c?x=wzYZW6VzSnj3KI1syqLJJD2cujUg86yBFCKbM5NoyFs=&c=In0NSdHPPXZLGn2fHatzq88LaPSxGHKGAyXiAn7vvsqXY7pZLAbgvzQnTJuZhuUcmbgej3a5HNKyYtqzcowUstyMSQrerC297HzRe2To/jS8mXTek1L/1 15 LyDbaeS&fallback_url=http://res.mshist.com/.../ClashOfClans.exe  (8ba7c196d6278f131614bd5e09596202)

1 / 68      (PUP)
http://www.bytetagranch.com/c?x=o/9JpIeBPSiA95iNxTempkvFOyp6VilkBWgUiuBJ7zE=&c=tCjqES1NUfc1WohvmtUOyQ zTCEWsvOB9UFrz2fM8EP213KSE5IRLiwpvbN1jlIMj1T2 G5eLc4OjaiIX2 8s/lVsZAEjWaWS3gr4L gJYkT0Zrt4PbJtlSIWGyZRjP9&fallback_url=http://res.prograbay.com/.../Minecraft_1-5-2.exe  (fae48e258c9d4764850cf3fdd675c03c)

1 / 68      (PUP)
http://www.bytetagranch.com/c?x=oec3M47KINa2 PmmCrEDdAq3d EErb0k4iPnlKkuHJU=&c=WeBsqWt fIm555adwYPYjrSAjd1DP1mHjOUDphgxpStcebIUzHYO7w1zZE7d fmbf kZ4KQHK3OVU16Sg13xmWSVPAC1aUCBs4zif8H8iS8a5QKYiy4TlrIOemP2VcD/&fallback_url=http://res.nobistex.com/cache/upch/.../UpdateChecker.exe  (6fbbdda78eb07e18a67b1525ad32c9a7)

1 / 68      (PUP)
http://www.bytetagranch.com/c?x=h23iDMWZWOOcItpwhPBc JjP6yxhoKs5M77G12dgVUE=&c=yzYsr 3oVQpYS0ia45le A1RL82B B5jadjNKcQpiD0Tnaf2bVmHpsxxq5c /10mObxA 6bI7joV7pZKW7gPZd0LpGgSZswCvbWNsD84VWEPulKBW43/iGgHLY3I7xOs&fallback_url=http://res.nobistex.com/cache/upch/.../UpdateChecker.exe  (2f2bc2548d18b12cde65f9f6ab05ca87)

1 / 68      (PUP)
http://www.bytetagranch.com/c?x=pBWHI9h/ 8zf xgQqxZ5Uhds1YtwzOfAusFs0sKGngM=&c=Fo2YKmwpbd25gnz3IAM Fa3b7mbgyFExq1rL9/6dIRlmxlVl6oozWFn0YMRv2sa7vmk3splGIeY8vsokdFxxNquEIda9J2DZ/9N2cGR FvKa7Xs8JNcmjebEOcpvCBOe&fallback_url=http://res.mshist.com/.../ClashOfClans.exe  (8ef1f66128c856fdfe4eb4ba0d005f39)

1 / 68      (PUP)
http://www.bytetagranch.com/c?x=L5 O207/vA8rxmuY8lc1chS d17LG8yrojRrFblvdgc=&c=IJME38BOt4UAQuynp91jOrHwc2il1hafBphDdMCoowxG6/ej VIdwxorazTSOqJLudnG1MgxSedqTiHf3Nvp/5c1xdjRrXaophmGtTU1e Dm4r6Kmbb96K37dUuIhsFN&downloadAs=skype.exe&fallback_url=http://res.prograbay.com/.../SkypeSetupFull.msi  (eac0d7bf39be3ccade6e974252edc76b)

1 / 68      (PUP)
http://www.bytetagranch.com/c?x=SZ11AXYLZDqCYcNxQ6vIkdV360SfwpknYjSGN7CgUWM=&c=fWlwmfbXEegVdNzNGTIyJh4NQRZXkWr2lYZGlpBD9AZomPCcJKhvdnbsYiLTOuIY9UMu5FNiqoRuMAPLMwZavOMCEaYJNyxg98zjTNatVMflvohp2fKmkPAdlkr0 vXQ&fallback_url=http://res.nobistex.com/cache/upch/.../UpdateChecker.exe  (2f2bc2548d18b12cde65f9f6ab05ca87)

1 / 68      (PUP)
http://www.bytetagranch.com/c?x=Mb6S7zM8Jgqz33KsVf6MJ5FrOQohdONkotaG3Km8ziY=&c=JQJiv5A3MlC/NovGDRBjcUTpcpeP1TehQgBlcbrh 97W7B gdAbkC 8teIW Gw69KHc6/rB5fZpIGfoWQzIWDohYkisx23VFcVU6sZGvJl69VtfpaP8hyFT9rMHmoJST&fallback_url=http://res.hufftos.com/.../Apache_OpenOffice_incubating_3.4.1_Win_x86_install_fr.exe  (fd97125faaa6146aa795e9fa37971efb)

1 / 68      (PUP)
http://www.bytetagranch.com/c?x=KP /7uBmprGhNyrpe5J1F3HYSyWNEohm66XEXt/qLmg=&c=ihudAR4Y1y8n6LZNhorVQ182mSGh5XJF0atDX6FhhlAoj3BSv4Qf3///QL YTsx7yE/D5sp4UYXnIUebMtWesTd8zR4 pHTfo1uETbQP4EIxgMtm5GVFtVf2N0L1AN a&fallback_url=http://res.prograbay.com/.../wordview_fr-fr.exe  (07bc49043be891ee06e3e0ac6450a09b)

1 / 68      (PUP)
http://www.bytetagranch.com/c?x=XXFPulswS9ajBeoT EhqhqPzCKJXYzYnabVA/VXHxbw=&c=WNa7zzxXsTGGGh4iN3nd cipAJbwffnTu IeRouEv9W8A6TGli61VOVfhvbSNU/u9sR4uYFVxwhSc8UMl6aAdRBJEHurLgMQ7E1gddbT8OMBjEQkYHlQKrF0N3Tt9pY&fallback_url=http://res.hufftos.com/.../install_reader11_fr_mssd_aih_fr.exe  (b845fa2d9cc3543ac541af8eeb00c732)

1 / 68      (PUP)
http://www.bytetagranch.com/c?x=SnWRlURpINHYnCeIr/xJ1e5eKllk8qhGMOWjpsr4ms0=&c=ARiXDaKeSAwC0PvCq9g7Cjt6hi0pIRhQDRClXEpR0HZ aJfrTJobyVRGtRFazjbrIneqBAyHjLvehKbGFHt3ciOfMbijJCRxxqLQ/mB/Wk/Nx9SOixw99Lb3bPQprrns&fallback_url=http://res.hufftos.com/.../ChromeSetup_fr.exe  (8092e80b7335c65ebf2c84914b4e60b3)

The following 13 files have been seen to comunicate with www.bytetagranch.com in live environments.

TCP » 52.33.46.229:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.33.46.229:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.33.46.229:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 52.33.46.229:80
Client.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.33.46.229:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 52.33.46.229:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
browserair.exe (BrowserAir by Goobzo)

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.