home

www.centralsendcurrent.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
centralsendcurrent.com

Scanner detections:
Detections  (89% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Vittalia.QUICKIDEAS.Installer (M), PUP.installCore.MICROMAX.Installer (M)
100.00%

Trend Micro House Call
TROJ_GEN.R02SH05EF15
12.50%

The domain www.centralsendcurrent.com has been seen to resolve to the following 13 IP addresses.

52.33.46.229
ec2-52-33-46-229.us-west-2.compute.amazonaws.com
June 27, 2016

54.191.246.249
ec2-54-191-246-249.us-west-2.compute.amazonaws.com
June 27, 2016

54.149.195.20
ec2-54-149-195-20.us-west-2.compute.amazonaws.com
June 27, 2016

52.41.114.34
ec2-52-41-114-34.us-west-2.compute.amazonaws.com
June 27, 2016

52.32.12.104
ec2-52-32-12-104.us-west-2.compute.amazonaws.com
June 7, 2016

52.38.209.219
ec2-52-38-209-219.us-west-2.compute.amazonaws.com
June 7, 2016

52.33.165.25
ec2-52-33-165-25.us-west-2.compute.amazonaws.com
June 7, 2016

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 24, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 24, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
May 24, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
May 24, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
May 24, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
May 24, 2016

File downloads found at URLs served by www.centralsendcurrent.com.

2 / 68      (PUP)
http://www.centralsendcurrent.com/c?x=A0gBlqykT2FMLMFGYUME1pmDXQXIxdlYAROqGXLWbdg=&c=eoDN2F35Q13rUrkyIeYPwmW10uBo64hRVZzdKaMnem1UTR3JJlFYWt7s0379V3Cggx6cPv7jfgTrL2lfRa8sEBFenlHtAGwHvOmExdkeo9oWDKubpVNsUefkx8nEEoy4mV9kndYf9mn29pnRV2BXEQe4YeZb17kDyNOjx8A8zcg=&e=1&fallback_url=http://res.nobistex.com/cache/upch/.../UpdateChecker.exe  (e555e9c59da4d0efbb2d68b4f8c330f8)

1 / 68      (PUP)
http://www.centralsendcurrent.com/c?x=Fa8sTMILOvrF3EowbI8npQhhmfb6GRiAMp64jzbA8 M=&c=8c3q4OEOMWSoRmix3rKVRoVr0UtSF3iwUQmr 0IR7qznC3xkZx5QaNxxK JF9L78c1TeuIhUKmdXxtx98IQfoQ/DAGwt0gfjZMesi5AwG64ZNY6Zed4o68qZJ324V7OXBSMIr1ZaZZwU1F6cps auQjDYlzJd6Kty2He/2DTPvE=&e=1&fallback_url=http://res.nobistex.com/cache/upch/.../UpdateChecker.exe  (f2c0907fda37bf63d3d94edf3152b57e)

1 / 68      (PUP)
http://www.centralsendcurrent.com/c?x=HUgt1TJ gaRco1QnOxQbZzRzKt75hrO5afQiskMmyfY=&c= AvEEifmoIRic2Mk8VRg8gquocxXg2dWUFF7KtIRByZlmGxYkrSe5ZuSYfRG72LxK98zJcH2Kued01Y1oeFgF5cbBGGqSznf/YMNzJopZOGuD8GOUSRl1zsdUaVWxqX0 gkbDXX7U0T3TYD9rn8865x5 N4N4/op9C xwn3cO/g=&e=1&fallback_url=http://res.mshist.com/.../ClashRoyale.exe  (32a3cce29c36e8442f3dd19ac94d099b)

1 / 68      (PUP)
http://www.centralsendcurrent.com/c?x=JH/nOBVLGNmaiy9lmVWwsaIcAYnUyN2IPQMRUUhedaQ=&c=WY/N2QH/V stRvAATOpr/rzc5XI3r/L6RByq5SWZxPZHS 5HnK5zIUqkvJgYk9WgK5DDBw8IlEutiWsIqhZnLFusw/qJ v EQeCKUffDvVgr0Yw97I4j2T7M3yIbzIMZ0NHMyS7oovBm4Nxppoxzj9VwyGwqSAUcKeyJL94deW0=&e=1&fallback_url=http://res.mshist.com/.../AndroidEmulator.exe  (d675844f11da1d752819a64cc15f3d6d)

1 / 68      (PUP)
http://www.centralsendcurrent.com/c?x=SS1SiSP9d5kzLo0wTrQp/cvnURe5hHmh1jSgYQxnqd0=&c=0WPAXi9C8n5TADY3N5u662EQnxXmqU1vPPRL/VCCnbgpziuQPMlpgLkNCosq0zdJi6Czr6qgDYeZgIS1Ouu pqVEL02Fur5TLT1Q01dkxHQqUGYCcbQsyCam4y0RQlpn&fallback_url=http://res.wosoth.com/cache/upch/.../UpdateChecker.exe  (0226dc51ec4eccf6f658a6aa0b7ffcfc)

1 / 68      (PUP)
http://www.centralsendcurrent.com/c?x=vLznGjU5l7SI6ONiTxKkTGk7BGlEQeh0QlCmf3n5KCU=&c=VPY/6lisXfy89UZASDGn2FZ36LVP28us5SwN2hcFTZfCOufaZSMinlkVEuguN/flv6ogSS51dd/3MzNYBgDF3ZGzXlmghdTirRmCncyhF2Lx1Qy12LvbGNLYSW7wPIFI&fallback_url=http://res.hufftos.com/.../Firefox_Setup_21.0_fr.exe  (e63c0177d0618f722114d775ae959b3d)

1 / 68      (PUP)
http://www.centralsendcurrent.com/c?x=RpNY7nePt4Uyz40DAanDvfp3dpwUChBYoWVfPt5nmGg=&c=Ue mbWQW9KeLzWMc04EFEbt8JFUhiZPvvl23U3hTWqOyKvPVSEdEYfm4JDlPMIJbYqxxPbDAnN3FuBBj5hGAhoWXzNlNu7Dx7H1r0L/3yAyvPwEQ0ECrIZUJzS4qYzjuO8FZn5B6u38MYcijNCeIhTKGqZGRhb0R/0cF8LIcUCs=&e=1&fallback_url=http://res.hufftos.com/.../Firefox_Setup_21.0_fr.exe  (d1812f5aa070ada3f7384c83366c4866)

0 / 68
http://www.centralsendcurrent.com/c?x=ECHL0he4CjyJyX/NL4e1EYxD3NezB Vy56fcD 6/Mo4=&c=p2kJMiP6epOqtVlz3QtWSwhVuz4nRvpr/XTIn Aki6PPFuCyKewVMgpM9wCNDbT7 xSHTSgOY0NouruSQBXCtXq5mIzxOBhBjwlVoiIIMh4y409OpSel37xE/whN 92RYYbpcmYIAvVHTwHN4Cfl9aO36yPrlfBh9bBu x2fER4=&e=1&fallback_url=http://res.hufftos.com/.../AdBlockPro.exe  (abp.exe)

1 / 68      (PUP)
http://www.centralsendcurrent.com/c?x=UIXV8lUZekxJp6nmd0kDgEdhvUtCYLVCg7RWnNmgjR8=&c=Jawzb// Y7ZXRuuMg47gVw5gIiOa9GqCxSWnEHtSAT50YgSLvEsKpmkybrmsmbnmIifd7e8l2BdFAcrkbmfh6HE5hhVi oMeodM59o/cQ3J4eiKKh2pVlVGp5johhroBUZRVH3tkCX4N9o1swfpe21Euo8ItgmXzUdLoRnUUdEA=&e=1&fallback_url=http://res.hufftos.com/.../AdBlockPro.exe  (06a916889ebf80f6d1723464ea541b7c)

1 / 68      (PUP)
http://www.centralsendcurrent.com/c?x=tegVaxIbXd/oEYyR0IOZyUDtHARLRMIUYs/DgYgdsss=&c=TwFsGGdjQqys5eRcMHjPmC3B2XPnVhVx5gMZ2Nrq46vXxqcs5nm3Bnnuzq53LsM2NrSwXJcR3Sjvrt4X7fm6GSllMQBMpf/nTyZ9IMhfsO8OjIDWEYN7bd2oENodj5AzFcMaCMjP5iSwI8ssTykRQoGhCTRW/YP9mMC/E4nUQB4=&e=1&fallback_url=http://res.nobistex.com/cache/upch/.../UpdateChecker.exe  (f2c0907fda37bf63d3d94edf3152b57e)

1 / 68      (PUP)
http://www.centralsendcurrent.com/c?x=JvaXKlT3cYqW4jP26kdSm6C9HvQ1Iz0UElHuNXVt8Yc=&c=oHhvg9hl2wdg5rVc7U6o5yttyjDrRXrTDC/XXdZOll65igQTkmdGzaW4vJ76dCMYVyVNKD5VtWI/MnmauRxT2xhzCz9B1bDSPDdmS6orMmWdVgl0/QdZRdULSPZGrkzMlxnFsTWTIJrKvLy1pa/LAphcsY0Mkn9vNiR U7pKY7bYX7NZEeQ9nP4dJEAAN2r1&e=1&fallback_url=http://res.nobistex.com/cache/upch/.../UpdateChecker.exe  (f2c0907fda37bf63d3d94edf3152b57e)

1 / 68      (PUP)
http://www.centralsendcurrent.com/c?x=NQ0BCBwradjczedgH2Gxp8o2bbOrmZBd/EJ2ctyuaJo=&c=jnD 5Zv9MUFF/5YszeJcPiOmgZeISPLR3x6 HnwJIhccPTu4cf gNs4QwSU0kS1M7zXwCz2LCCKYvJYxt1XYeekuuPVAwmsyJd/HF5MePtcEJDrUBohOtXSHojtRsQKA&fallback_url=http://res.hufftos.com/.../Firefox_Setup_21.0_fr.exe  (e63c0177d0618f722114d775ae959b3d)

The following 23 files have been seen to comunicate with www.centralsendcurrent.com in live environments.

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.33.46.229:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.38.209.219:80
browser.exe (Browser)

TCP » 52.33.46.229:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 52.33.46.229:80
Client.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.33.46.229:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 52.33.46.229:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
browserair.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80
3.9.0.128_20140916045038.exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80
e5be.tmp

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

TCP » 52.38.209.219:80
client.exe

 
Latest 20 of 59 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.