» www.bytetowergift.com
Overview
Analysis
IPs Addresses (17)
Downloads (74)
Network (36)

www.bytetowergift.com

Domain Information

Server location:

Oregon, United States (US)

ASN:

AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:

bytetowergift.com

Scanner detections:

Detections (67% detected)

Scan engine

Details

Detections

Reason Heuristics

(M), PUP.Optional.Installer.KORAMGAMESLIMITED.L, PUP.installCore.Purch.Installer (M), PUP.installCore.Webcelle.Installer (M), PUP.InstallCore.LAMProac.Installer (M)

100.00%

Avira AntiVirus

W32/Mabezat

16.67%

Bkav FE

W32.Clod2c5.Trojan

16.67%

K7 AntiVirus

Unwanted-Program

16.67%

Trend Micro House Call

ADW_OPENCANDY

16.67%

ViRobot

Trojan.Win32.A.Zbot.4539792

16.67%

Trend Micro

ADW_OPENCANDY

16.67%

Vba32 AntiVirus

AdWare.Gaba

16.67%

ESET NOD32

Win32/OpenCandy

16.67%

IKARUS anti.virus

not-a-virus:NetTool.Win32.GushUnleashed

16.67%

The domain www.bytetowergift.com has been seen to resolve to the following 17 IP addresses.

52.36.112.186

ec2-52-36-112-186.us-west-2.compute.amazonaws.com

August 26, 2016

52.10.159.134

ec2-52-10-159-134.us-west-2.compute.amazonaws.com

July 25, 2016

54.200.224.121

ec2-54-200-224-121.us-west-2.compute.amazonaws.com

July 18, 2016

54.148.183.210

ec2-54-148-183-210.us-west-2.compute.amazonaws.com

July 12, 2016

52.33.46.229

ec2-52-33-46-229.us-west-2.compute.amazonaws.com

June 28, 2016

54.191.246.249

ec2-54-191-246-249.us-west-2.compute.amazonaws.com

June 28, 2016

54.149.195.20

ec2-54-149-195-20.us-west-2.compute.amazonaws.com

June 28, 2016

52.41.114.34

ec2-52-41-114-34.us-west-2.compute.amazonaws.com

June 28, 2016

52.38.209.219

ec2-52-38-209-219.us-west-2.compute.amazonaws.com

June 4, 2016

52.33.165.25

ec2-52-33-165-25.us-west-2.compute.amazonaws.com

June 4, 2016

52.32.12.104

ec2-52-32-12-104.us-west-2.compute.amazonaws.com

June 4, 2016

52.88.159.85

ec2-52-88-159-85.us-west-2.compute.amazonaws.com

May 20, 2016

52.25.41.73

ec2-52-25-41-73.us-west-2.compute.amazonaws.com

May 20, 2016

52.24.26.116

ec2-52-24-26-116.us-west-2.compute.amazonaws.com

May 20, 2016

54.148.57.212

ec2-54-148-57-212.us-west-2.compute.amazonaws.com

May 20, 2016

54.69.198.37

ec2-54-69-198-37.us-west-2.compute.amazonaws.com

May 20, 2016

54.69.11.66

ec2-54-69-11-66.us-west-2.compute.amazonaws.com

May 20, 2016

File downloads found at URLs served by www.bytetowergift.com.

2 / 68 (Malware)

http://www.bytetowergift.com/c?x=oV3pdy1ejer1P2xCNB4hSKCdx2f6p/hh/8K7u/.../gWMr4HjCGYChcZgPvaGTWD67fnzNV7QEVEDCbliFPTV0AGvK0qjH 69bJsmV5yPkpfjiJvlAoJJmwAZg4EBiopUPmboxQJ4AttuMPdwHlj1T8QV89&downloadAs=TomsInstaller.exe (Minecraft.exe)

2 / 68 (Malware)

http://www.bytetowergift.com/c?x=luOKftGzZR/RR4EvcqLJ8BfKvRK9sAwfI2xREuS17GQ=&c=a95DYfHjfayrffH/DctgqumbjkC4C mmf17WwvB0cw5WZr0hPOAJg0dCgahCsMpE5wB6uaDO0YMKgovC2fT083KP9RA/fn/.../BvvGfW4WAIE1EtHk&downloadAs=TomsInstaller.exe (Minecraft.exe)

2 / 68 (Malware)

http://www.bytetowergift.com/c?x= zfrp67zZkrYw3QIpLYex9JQ58/faRK1NyPtyMpsDXQ=&c=tclmldnCsmQ2PZqnw9YiWu7NDjGLitls4RFJQjsh2g6 uN/.../&downloadAs=TomsInstaller.exe (Minecraft.exe)

0 / 68

http://www.bytetowergift.com/c?x=dXlALkfv4DNcdkippvnDR7pdfLG7aoXe1cbYtyR1eAg=&c=xVE2zNvyCN4rGoNqPUk8IoXGwMNFqSOQSqOhqnaCxjNWLfFmyDRdvuQYNUbvgOQZSB3Ga7aG9qQmxdSspZV57JTL0 WgYuGVcTgttN2QOqR bF0I5Pu7KYZ62ZeTZQ1d&downloadAs=TomsInstaller.exe (dxwebsetup.exe)

9 / 68 (PUP)

http://www.bytetowergift.com/c?x=UIhR8lF8Tp3y2iR2EMVGKEWVTsx06HaiAFwJpQnKqx0=&c=R8fDdoRKJ7P7nz5G1jqqQZCyIoFhut9SGWWt68a1Vgsededt/.../vEkJLfky5JzV53&downloadAs=TomsInstaller.exe (5643803_stp.exe)

2 / 68 (Malware)

http://www.bytetowergift.com/c?x=FccjCATfhPeS/gZloYaeQD3ax806lJPNTCnz36EeRKo=&c=Uotg86B/q4HF/8NwVno2EpaNPlVW2GU3Pwon9vwlcpb1LICq5/Fw8/.../k0z3mgU44Vh4l2bvgirb88NOQjLAAl36ywv7rKcvX7iXDBRG 25&downloadAs=TomsInstaller.exe (Minecraft.exe)

2 / 68 (Malware)

http://www.bytetowergift.com/c?x=O1iRxtTHNHaKwLmACouwSeuV7NDr8lkWfijs4AQqQBI=&c=vkByS0n9JecOOzKaBsQUl2Gw20Flqnpi3iOl Tcu7NOs7SLbEgAMbbPWfbXIVZflUKxHapzALvCBS5QpGVwdFpdN0jqusJY0Becpyh7EKiMlsiGlqz7p9jnRxWDMlXYy&downloadAs=TomsInstaller.exe (Minecraft.exe)

0 / 68

http://www.bytetowergift.com/c?x=vlz5CRyIStKQvXOJKc5fjonwR2IEG8AGr8/VvMAXTrE=&c=ALRrzMe HWA7qZMRIrrAzDXuwgv6h v2TPSgZb1FaIyztsHF4t8i3j9mjYaZs77K5zHTLG1l8iJSTDVOt9o/.../t2fbtwtJ2w0YIoCjqHX4S&downloadAs=TomsInstaller.exe (dxwebsetup.exe)

1 / 68 (PUP)

http://www.bytetowergift.com/c?x=7nGgli25DwksMr32g3V/bEjn IswDghot/.../R69NaEt3GNzQzIXYQgPGsInZsLyyuaGbt5dTZRX8wE7F05nQKLzd0WceA&downloadAs=TomsInstaller.exe (minecraft.exe)

0 / 68

http://www.bytetowergift.com/c?x= oDrkCysbu8hM/3PYPYeU08IRdOPx9pNi7aPagwswCU=&c=4m fsVugMIq0/.../Cd8BAjY1wl0&downloadAs=TomsInstaller.exe (dxwebsetup.exe)

2 / 68 (Malware)

http://www.bytetowergift.com/c?x=jt7HBvApUBs2ZyS4OE/W/.../F5PBZ6pBApFcdI7WG1y8fo1FhhlQSATm6MLHDd7HgstFjBRUicor&downloadAs=TomsInstaller.exe (Minecraft.exe)

2 / 68 (Malware)

http://www.bytetowergift.com/c?x=hzLgoWE3OHuDTAXgKsqaYfgML7 N0gxdtrpr7Grjxk8=&c=yzANSEN4eiWojgVT6vD/.../Xrved 0IOMmCRUEjDu0yonTXRVZFFFDta&downloadAs=TomsInstaller.exe (Minecraft.exe)

2 / 68 (Malware)

http://www.bytetowergift.com/c?x=LJdHonLfY8eg17JZ0THiCSRcaHSMa7funjfLZu735/s=&c=2gF8IzW8u i8BaAwgkLLdM69abv1KBcfkiCBqzbuQEqLxJCKYXmpAccxE1/.../YWYmkzbCND3mSu92YQPDa2SKZeK3dlXYK5UhzOXvGFNuXrhM8d3&downloadAs=TomsInstaller.exe (Minecraft.exe)

2 / 68 (Malware)

http://www.bytetowergift.com/c?x=KpAzIjyDvwIigK5RSvQQYMGt6wt6w bPi7qdfVS45g4=&c=OPaL6y0MRRY5Kyq9DLkLgASSuDuW1gQL54Ic33h4ER2QkI2hacLOPwZ 5LIgA W5LFgJnqJyfsfGKf1DmXUm0wIP8TV3HvBih8WutqnmnF3 oJ5nGMANZ4mJn2ibh9U0&downloadAs=TomsInstaller.exe (Minecraft.exe)

1 / 68 (Adware)

http://www.bytetowergift.com/c?x=1fhcrHg6WDb1ySXxy3fln3Zw9CaF9CpnOImwpmWh9jQ=&c=lTQdcwD9Xa/.../EmWUuhy5B3NiabTVNnf2plHGiDKOhaekX lRTJwMLgLZKqSpHMl7XSLiXDqEB7n2YEhaKFE2TktfX6gIAtJa&downloadAs=TomsInstaller.exe (minecraft.exe)

2 / 68 (Malware)

http://www.bytetowergift.com/c?x=fY1qhf46 XdYqRMU/OQRKGQDZguiSMt5T1sqla/ODE=&c=z2iw2jID80qlIzi9hYE3kIe3hmjSKBGfUW/UI0pEMBvDFOzsBj1W9wxp5O1L0K7 PePT59rwhFSia17/vC0KeslPpaEmf2 uN2soEV59isS9SAlSJ/.../EfCgKGUB&downloadAs=TomsInstaller.exe (Minecraft.exe)

2 / 68 (Malware)

http://www.bytetowergift.com/c?x=jpH32koqWifadFBsetXeIqRXMWohz4m7PIrAGBbEVU8=&c=16jPUQCMxBqsOclywlnkMUe2dkuTCmnTFTxaH4r a7tOwoH9PpdcxEOWQCIB9xJLvQrMcPiJ1VpkBOxb1b/.../czVHNP3uLIgOIhPidEg&downloadAs=TomsInstaller.exe (Minecraft.exe)

2 / 68 (Malware)

http://www.bytetowergift.com/c?x=9Cgn5iBWI6/bKuD4Aoc7dE2cWyYpr1460IKRNZTJiD4=&c=AisVESEmsjsFuiO6wI6OsW7VBuBzXHFyVRvWWfGDSQujBW6Qzl7qSFzq4mm0B2AYqb9Q/.../ibSfUmnfir5KLqvxv5jr5vk9EN3G26oi&downloadAs=TomsInstaller.exe (Minecraft.exe)

2 / 68 (Malware)

http://www.bytetowergift.com/.../po5oKo8JYpGNQ7imeDyWGnG3EKBOmQQBg=&c=MnTL5kn6Fcz8RbqpDcxIlOEatcsW1WToS1Xc4CcHdq9cz7SFEddtCPbDCjcVUygQ2GJaOlt0w mPiOPEgGgSBxYF8NQaqEUtAGKD5SSZ vAeJieZTX8kvNZaI9NmLrQ4&downloadAs=TomsInstaller.exe (Minecraft.exe)

2 / 68 (Malware)

http://www.bytetowergift.com/c?x=WoWkqUfK8wqZgD5z9T2QDWnVcB/.../temuPVnj5FKqrNLUuhu7L2RVDIt4YksMvzm0fewBBoPDRu7&downloadAs=TomsInstaller.exe (Minecraft.exe)

2 / 68 (Malware)

http://www.bytetowergift.com/.../x6agXMlZdpinY0&downloadAs=TomsInstaller.exe (Minecraft.exe)

2 / 68 (Malware)

http://www.bytetowergift.com/c?x=BKv0Cs3JakkNivwRqzQchYtjELkOI0AVfYybyMxRK E=&c=Wbnn tcS2ATLo3SRAfk3EvGrT/Vr0oFCuVVplZbynJhOqb7Yfd30ZgrKSt0UQxdRDcSwTsqU5odMF4b/.../fsi6qzjBSm3tFaoDCjBXti4njDXaMLqWsJfX5T3CHD&downloadAs=TomsInstaller.exe (Minecraft.exe)

2 / 68 (Malware)

http://www.bytetowergift.com/.../vAZSUFOxg4beilXOJXVWxvhwz SUtyR5xZkr3JxMh6Au7jgzJw9gzec6fw0Lc8N4Scdw534fG1A8nq6KiKq1&downloadAs=TomsInstaller.exe (Minecraft.exe)

2 / 68 (Malware)

http://www.bytetowergift.com/c?x=14ub1D4cFhBrORk9dc9ciCVcn5/xJ9rill5SESPA/.../47rshpFZdxiquQ1bCtRhgXl41vBiLa7VAxXenEJbDwkTzAgCQ6rHhv1NtwHT6F8Ipk3uBk cm5mRp1tyTKX2AX4w9lkGRGIFX9O0gvhhezmIq&downloadAs=TomsInstaller.exe (Minecraft.exe)

2 / 68 (Malware)

http://www.bytetowergift.com/c?x=Q7fsPL53EkWlo2g5JrZ8Z4DRSYUMHiM/ysB/.../dyEQGgcb8E14rv7GlK VV8TET&downloadAs=TomsInstaller.exe (Minecraft.exe)

2 / 68 (Malware)

http://www.bytetowergift.com/c?x=P2n5RdPB7dWPFPI5uV6PW0WyX0iASLXQLYwh6h8J0p0=&c=Y8JMAOwqr/.../itZ&downloadAs=TomsInstaller.exe (Minecraft.exe)

2 / 68 (Malware)

http://www.bytetowergift.com/c?x=z28s8 mnNz5kf3HZJiGjVAOI7AHAk QN 3W0TCnIPDg=&c=beyfA7RLBoRik4ZWCKtTeLF9FbOY3jUCXQ3ZOkD6Jn/DqokrGNdNRI77kyUA92/.../luTX&downloadAs=TomsInstaller.exe (Minecraft.exe)

0 / 68

http://www.bytetowergift.com/c?x=9bQ//4vIAHR8mvSExChPDv KjYfm qSYNydsqYnf7Xs=&c=n5dUV9CTKoOMOY2tazn/cTeEUgaO4dvTpft6hDGogHKnWyXqCHlqKOXG X6M5OLgW3jLC9k1E6M/LjbAgUHYYhvQd/.../EGzhT4EvUfvF daG&downloadAs=TomsInstaller.exe (dxwebsetup.exe)

9 / 68 (PUP)

http://www.bytetowergift.com/c?x=qnYvS5hZ7uA7U8Co36QWa04Z2dWyBnlYy90AMQNn/R4=&c=2bEWlaS6df4gFSIdDo6aVlPUsSqUtxG/.../hyfLYhrGDaVUn0cETyJam1uoHbJ288t0M0hVqJw69T8oaFiPfyfzZTllEM5vzTAsc4F3qM9jFRAQHRHLr8T2Taly9LN5iw&downloadAs=TomsInstaller.exe (5643803_stp.exe)

2 / 68 (Malware)

http://www.bytetowergift.com/c?x=u7SGgnZahEhKBsISCLOWXO0tlbs3wbqtnVqd/.../nZgTrNt776VChAgx fC5u 5LQ si9zLODFG ZJfGy0MHcLB1KLXRMftBUb5FLtfCZFwM32eQzDgqUpYV&downloadAs=TomsInstaller.exe (Minecraft.exe)

Latest 30 of 74 download URLs

The following 36 files have been seen to comunicate with www.bytetowergift.com in live environments.

TCP » 52.38.209.219:80

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.33.46.229:80

browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80

browserairexec.exe (BrowserAir by Goobzo)

TCP » 54.200.224.121:80

browser.exe (Browser)

TCP » 52.24.26.116:443

online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443

online-guardian-v2.0.9.exe

TCP » 54.200.224.121:80

kometa.exe (Kometa by @COMPANY_FULLNAME@)

TCP » 52.38.209.219:80

browser.exe (Browser)

TCP » 52.33.46.229:80

citrio.exe (Citrio by CatalinaGroup)

TCP » 54.200.224.121:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.200.224.121:80

ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 54.200.224.121:80

browser.exe (Browser)

TCP » 52.33.46.229:80

Client.exe

TCP » 54.200.224.121:80

kmplayer_3.8.0.123.exe.exe (The KMPlayer by PandoraTV)

TCP » 52.24.26.116:443

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443

036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.33.46.229:80

ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 52.33.46.229:80

rlvknlg.exe (Relevant-Knowledge by TMRG)

Latest 20 of 77 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.