home

www.capitalbestranch.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
capitalbestranch.com

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.InstallCore.Installer.Installer (M), PUP.InstallCore.FC.Installer (M)
100.00%

The domain www.capitalbestranch.com has been seen to resolve to the following 11 IP addresses.

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 17, 2016

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 17, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
April 20, 2016

52.26.95.11
ec2-52-26-95-11.us-west-2.compute.amazonaws.com
April 16, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
April 16, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
April 10, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
April 10, 2016

52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
April 10, 2016

52.34.170.106
ec2-52-34-170-106.us-west-2.compute.amazonaws.com
April 10, 2016

52.25.23.136
ec2-52-25-23-136.us-west-2.compute.amazonaws.com
April 10, 2016

54.191.37.5
ec2-54-191-37-5.us-west-2.compute.amazonaws.com
April 10, 2016

File downloads found at URLs served by www.capitalbestranch.com.

1 / 68      (Adware)
http://www.capitalbestranch.com/c?x=nJ31ZaJhOJaLxeLJyng/IQvhEmIjHcB0vdN7BsKEpYI=&c=UqhQwODOzgowpcTcAUDiMWvd8zhCTArA/jO2DfHe4GzCGuriMGIJn2WjbXPLxY5iHNjKNhPJMY5NU7qXHRiLClq8ixjYJWcKGuF6/79VMFElfJhW5PCrbPlgTHG9l7J CKWAChCHnarleCWGzvuVcDQPjXjxq3g3k/SvqiT2jlRzSxxTRW07LS8iAgkIh9ia&downloadAs=FaceTime.exe&fallback_url=http://www.ssuitesoft.com/downloads/.../setupssuitevideophone34.exe  (19565a99982dc7be055187ea673ba8a5)

1 / 68      (Adware)
http://www.capitalbestranch.com/c?x=0erlZNT6X1kD9Bt0GipjhWyBlyPw1/Q0V7GzjWF 3GE=&c=HMmv9g6jLO3MjwwHHGcJCk5H1F4r8Ywk0pSG6nznWWi5Mqt7euXxqrlpug4Y1gl/Mf/XARJVT0Q/TV5ZmeRi3anWyRq9ObCdR073BTU59jEIEUwoi Ekbk6K4YfhIb6VR k9Zm4jn1y3yCig6LWhaiM rejxBKD/v0r q3 pNUNTCi/zsPNJTWnlFrDkfdbo&downloadAs=Microsoft-PowerPoint-Viewer_SP1.exe&fallback_url=http://download.microsoft.com/download/f/5/a/.../PowerPointViewer.exe  (e10add21f1c943b3c5014d6130575451)

1 / 68      (Adware)
http://www.capitalbestranch.com/c?x=vIYZ1BTxr6eoL7gz1AYJmXPrjovQa1TVPdUso8hus7Q=&c=aGRtd6lU0iULotdk/wDEnwWRcyEf/czibvhrmffKA4EVLEohJ1iuAWgdDw1Kqxxy 7lDEW1UxfilJQ1c0TMZgA4INWM6DHCZ32grrcW9DG6gihzf6pkbDyAXGxBqQ1P6ysbSqfWg2Dl7Z/P1aK7G/YCY43UtIzvBqAbJvvw84N3K9RDSHoWRim1QkWV6yPnY&downloadAs=MTX-Mototrax.exe&fallback_url=http://download.nvidia.com/downloads/nZone/.../mtxdemo.exe  (021ec64f66ddc589ccd2c2db06fc6365)

1 / 68      (Adware)
http://www.capitalbestranch.com/c?x=bDaEVXCGBi13yZmDg/r0w59FZs6Bk4SvYKvTgjaizqM=&c=HDkh6zJFC6pFV7pqVlhmtzKLEs1IOOe/CXLxpQKo3CTyCmM5RjyfmMFBF4/EGS6MC9KAyMEmngYdzAPJFGW1LO Ja0OJe1IMF XOzUurCMk/Jk826Jof5uHryMBwjVM/Muf1EFxd7 Y/ljAk8x3dTFbnOjSjV5ulpmAjUjOvkeW8wELtXr0viHILmXZJ7786&downloadAs=Music-Oasis_100.exe&fallback_url=http://dl2.cdn4-downloads.com/lm/.../musicoasis.exe  (icreinstall_music-oasis_100.exe)

1 / 68      (Adware)
http://www.capitalbestranch.com/c?x=BPev0SBfKcKUnj6RRPGGMPmDevgQbVK9bxvOHokedhg=&c=v6yxLFmgAl5SDkcKPKAI8o2xx/xll8AwnaR/PN/CaMIGheG0tkuETW5V4X3hQPCvoD clmAi1ML74kdAypNjFNDIQgzi5C1Q2DzCARbM7aDt5WNuJ7M2v2Ly9w60ZLPRrMJxVvbv6WAwV0h3NojDvWZt6lj33cZyae9fNb3cwOYRUkOo1gv/M34WFm/9KKM6&downloadAs=PC-TV-Free-Satellite-TV_2.exe&fallback_url=http://.../setuptv.exe  (d2c1f40180f8ccf9ad9106da4d6e85a8)

1 / 68      (Adware)
http://www.capitalbestranch.com/c?x=YKE1QlprXEXxPvDQ49viebeOpGjRhpjfNoQfwCVUue0=&c=NtWXksTZZG6ZsSI6TPNKjJvrUbMFxmXiJ0OcJ6n1r4WuI9g35BiDbAl4fbEEIjP10yL2qUmP51D/Qsf ztm63oVBGGn6dTBxd5Pt05GOUT23/7fAOorpCPB2kWtYyz/pf1tdPiD7Lcp CCz Vi2o7anmbcgx pA8ceSYek8X0PUDia5MQU767D3QdGhtdPUL&downloadAs=Assistente-Pimaco_220.zip&fallback_url=http://www.pimaco.com.br/images/upload/.../APMaisV2.2.0-Windows.zip  (icreinstall_assistente-pimaco_220.exe)

1 / 68      (Adware)
http://www.capitalbestranch.com/c?x=tpBNq8xyXLdn5HSAx9WffACLO9/zjS S9Reyq0zQJcI=&c=c/TQbpeE53UvlY/F2IjaX7PKbyoY/gggRL6a7Azng9v 3dPSGWi6e/hGju QFHrukHnqRigQ6L23t1kMNUpHO3zd8 Bek rvVuWoQB7cagar DIPy6Vd2tUnfQsoVArjATXjTOj87GxLMFKp9DqsksEKiQwKHpdl5JMOX47WbUvcpK3ou7w9ARDdoiUS4BX8&downloadAs=URL-Helper_342.exe&fallback_url=http://.../urlhelper.exe  (a377fb850d7f337662d45dbab0ab7403)

1 / 68      (Adware)
http://www.capitalbestranch.com/c?x=OGP3bxzHckd7pZLVBllkXqt9jS6tPgCoKfhJXZDWovg=&c=V/Mq6RXUGLM/Bhx2mxhad96j2tjWSuldItxMZkQAxNeEVGEFLPC21Zw1PDkIOQQQVo/WnTCzSkZOkPCEMwqsNSX0gmDpbQoFAeQqpOidqEzzIxucY4JAfHTM70XAdDdvf9z8fX7rhyzq6UTXcNZTQ O60KM2yUq9GndhQj78gIIroJfuaSY3z xC762T8xuZ&downloadAs=JB-Cursive.zip&fallback_url=http://www.sofontes.com.br/files/.../JB-Cursive.zip  (jb-cursive.exe)

1 / 68      (Adware)
http://www.capitalbestranch.com/c?x=6GwMG4rwMRDP0hQtICU2KuIg2oGAo7x44OLZkgIwQ08=&c=54c1l0YbXAMQidClU9WVIBSXum 5F8XsvovmR78823wZzK6HjIXHK1DYCEYdFUSCC1n9mAwLuNmpfLWpsUxo 4a7iWVRBBYzpjmgP3u7iF2sSZEcpCLSScUwkqTU1dJrQ3dTxAnVyYKYvJ1 Sa0goI9uyBY7RZw45A9XPxAngR3iCCR/sFtDEnYn4DKHtz9L&downloadAs=Movavi-Video-Converter_104.exe&fallback_url=http://files.movavi.com/.../MovaviVideoConverterSetup.exe  (f92243c42c9263587eeb55db16604fb8)

1 / 68      (Adware)
http://www.capitalbestranch.com/c?x=9TRBdHYfoUdEfSOXl772FwOuMiEMA3lv2tJ XSOA2vA=&c=vhgZYIkJmLeLa1yqZE3sx3ZjMJ ADuh5Qwclxh3QlKtbeNKpp25dOjBGVGzbddA9gHgjGoWbWWA6KN553/0A68dhPvQQLgZ7S92X/vXJtD4SbE0d9U44DE4orkOscDdY&downloadAs=NewYorkTimes.zip&fallback_url=http://www.sofontes.com.br/files/.../NewYorkTimes.zip  (newyorktimes.exe)

The following 6 files have been seen to comunicate with www.capitalbestranch.com in live environments.

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.