home

www.currentconecptdelivery.com

Communigal Communication Ltd

Domain Information

The domain www.currentconecptdelivery.com registered by Communigal Communication Ltd was initially registered in January of 2016 through GAL COMMUNICATION (COMMUNIGAL) LTD.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Portland, Oregon within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the US West (Oregon) region datacenter.
Registrar:
GAL COMMUNICATION (COMMUNIGAL) LTD.

Server location:
Oregon, United States (US)

Create date:
Thursday, January 21, 2016

Expires date:
Saturday, January 21, 2017

Updated date:
Thursday, January 21, 2016

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
currentconecptdelivery.com

Whois:
1 currentconecptdelivery.com record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.installCore (M), PUP.InstallCore.Installer.Installer.Meta (M), PUP.NewMedia.Installer.Installer (M), PUP.InstallCore (M), PUP.InstallCore.RE11 (M), PUP.NewMedia.NMH.Bundler (M)
100.00%

The domain www.currentconecptdelivery.com has been seen to resolve to the following 11 IP addresses.

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 21, 2016

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 21, 2016

52.26.95.11
ec2-52-26-95-11.us-west-2.compute.amazonaws.com
April 17, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
April 16, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
April 16, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
February 11, 2016

52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
February 11, 2016

52.34.170.106
ec2-52-34-170-106.us-west-2.compute.amazonaws.com
February 11, 2016

52.25.23.136
ec2-52-25-23-136.us-west-2.compute.amazonaws.com
February 11, 2016

54.191.37.5
ec2-54-191-37-5.us-west-2.compute.amazonaws.com
February 11, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
February 11, 2016

File downloads found at URLs served by www.currentconecptdelivery.com.

1 / 68      (PUP)
http://www.currentconecptdelivery.com/c?x=SQpwy6awkkuaW9P0D2kK2yyMPU ncF5nGWVsxfP7wR4=&c=GbysanFqH3MlKEOs9D2y6Rr316bPqicyOcsrSIEuozQ/9wIR1H5UdNCchO7ib9HfSWUsKuEexxubk/1GITKG5V7gnZ6CUuU6bHUnaqGXw2HH3F46QB5LP838ZMm4ll7F&downloadAs=Shinokun_org_Haikyuu_S2_14_HD.mp4.exe&fallback_url=https://s02.solidfilesusercontent.com/ZmIzMTUzYzBhNGQxZWRhNDY3NTU0MzJiZTlmZGY3MWViMmMzZDk4MjoxYU1HRmU6Mlk1RmlzX3Z5eldFbF8yRTlObHBMS1dHWE5j/.../Shinokun.org_Haikyuu_S2_-_14_HD.mp4  (85af26e47a7117e64e5055578749515f)

1 / 68      (Adware)
http://www.currentconecptdelivery.com/c?x=luxHVN2prHO8hNh1mqVgq9/tpicfCvFPqzT lupf tQ=&c=RhZmtq4TW4F7M27iTXj4f8z10qGlFpJNEWe8 lwFNHGvqw0KKExHjsTfmORy/FEDAi7o UGDvPAOej76UAPKIYWMAUxrij8WIYY5Zwx7LKZbsRnPTVqn1igAgyPQvxFPOTMO/on5uPhal836fickKg==&downloadAs=WinSetupFromUSB_0-2-.exe&fallback_url=http://.../get.php?file=109e97af&m3  (8ce688a053deb970b7894ae8208650c9)

1 / 68      (PUP)
http://www.currentconecptdelivery.com/c?x=OKTi7n/GTZecJUszEZxeQoItKOjvPctVGpaCkb6544k=&c=vfp7xb8pctoZPYb1eJT7sG52PYSbQFKKPekI0kQHS4aq1c/4M6BYv2zZTc30wef6R/DvdBPNtjvnJVyPYo9K60NwfRoK8PIZgG4Y8iR1ACAOPhlVfUnSVuXGw8oTgxkg&downloadAs=_CFNS__Kuroko_No_Bas.exe&fallback_url=https://s01.solidfilesusercontent.com/MDNkOWEyODNkYTI2YWIzMTFhZmM0YWYzNTBmNzhhNTgwNTYyNmIwYzoxYU1INFE6Ml9Eb1licUNRbWpxVXdQQW1CTko3U24xUDkw/.../_CFNS__Kuroko_No_Basket_OVA_-_Ep_41.5_Indo.mkv  (1150dad2c0e937927b58fd5eee4a83a8)

1 / 68      (PUP)
http://www.currentconecptdelivery.com/c?x=FbD5a5DtlY6LirtWMP3Ve glmgKy7z6TsFBf xhpRkM=&c=6h e/OxaggBBNsdiGI 898X5RqRUYBej2ORMbtmackQVoQe6kH4uNsmyeycdL03a/2sR2JbwYVLqmJO9OgolnYgXYF3Z7m0M8HzOszhThbVBQoZ8NzOW5HLTQXqVYsGo&downloadAs=2_Jolly_Phonics_Work.exe&fallback_url=http://.../setup1.19.exe  (4ecaa36ea798c04237fb42e3e895476f)

1 / 68      (Adware)
http://www.currentconecptdelivery.com/c?x=rt0kBQTYEvwfVa503qvNT/gtTnYCcWROkIN9Dy2/ZMo=&c=IYVgjswWRldmkohZ7wiDePzrCx0B8Rg2ZTdNZ9wpdd2aIqgKSPF/ApNH7A27vxNmnDWPKKCWYiVlCQ8U UPHkdwujXD7RzLc7ggQe 4vVYlrGKK424OZLknmNlHLLogDi3soDpwwlDLzegJ6VLv Kw==&downloadAs=REQUESTFINALE_2012.exe&fallback_url=http://.../setup1.19.exe  (f71385d5e10e7e2499b9f8dfb3c7b356)

1 / 68      (PUP)
http://www.currentconecptdelivery.com/c?x=dVAuwRO9hILhstGQMXNajfX0esacQb5W5hrpzhxAhdo=&c=fgeNFEqxP4Ha Vt41fz5PFPhERtpHft/G8RdCqL2210CLl59takr4JXwuT8rEx 6fW6RwXsUxVvn6Tfn1FSX Dzz1ZxaljXX7 n5CTi qqQ M2WftqcpjDA/aAXowl4A&downloadAs=setup.exe&fallback_url=http://.../setup1.19.exe  (icreinstall_setup.exe)

1 / 68      (PUP)
http://www.currentconecptdelivery.com/c?x=Rm/MALecXKMOzW0Wk ttjg/SZpCV39ljGWwv5ELrgTg=&c=SO9AMAC07uhIJNfXjfLPb2xgiWjJz6yNYrFK0seBmA3uVNPPMFijtVXto3GlFTUbY3yYaufiARY8xFtRBqhqDENxHoNikF7A0P/FrAY0gbEb41oHbyVGO9A6pUurQV4iUdpBh41LFPPWhu9AksvbVQ==&downloadAs=WL-222-link.exe&fallback_url=http://www.eveofjustice.com/.../WL2.2.2-link.zip  (icreinstall_c.exe)

1 / 68      (PUP)
http://www.currentconecptdelivery.com/c?x=Ct5jscJKodi1LNlvtwsg2tlc2YYsVrOe7XYZlY9WYIY=&c=/8wKfL4coEMV9luJgYo0Bt9huyRgWAt8Y703xsM6cvnfqH18obo0Dq7q4oGgRBCa1 Kr6VyjbhK7SnOU977k3vORJjRSM0ef9yoDtfHJQxuKd6QxcNd4/k3r761lGE8B&downloadAs=FFSetup3800kuyhAa.exe&fallback_url=http://.../get.php?file=b547ad6d&m3  (ae78d1d66a181ea573ef5db8bc9a33d5)

1 / 68      (PUP)
http://www.currentconecptdelivery.com/c?x=KGyeT8SfnrDEobwXfIdTZ1XrVLqunVlhfIu1hB16HVE=&c=QnLS1u2dMAxcW2w9JEhWflvbznHrP/LhVHXuMvLzljoPqJp2mrqGUPV0H1gF6/I7pUIjBVxmEF1SGHXPGgqc8qmTrW5MZU bYHyLaioFxrNjQW5mWxHupmoCOyD3TIB/&downloadAs=setup.exe&fallback_url=http://.../setup1.19.exe  (84bfb57464a3cd58ec7ea176bd1d5db6)

1 / 68      (PUP)
http://www.currentconecptdelivery.com/c?x=EGEBVksMrvSJqwN9ufApmzntGN/3hFiw2vuvrv0T2gw=&c=TxUD6HlHjTJ4g082CXH/fYHbp xsbv6uyHCp/LSgAcFSYXKI3ClbA4OS2 uv/YmrXtf3WHRQBwH15FtnRQKJFNCRe9F6HR9IhzgB8Uq 50nsvZFd0gQ/MCvk5Z43ARwIgWJlw2gt6glSmKSu1DSZdA==&downloadAs=WL-222-link.exe&fallback_url=http://www.eveofjustice.com/.../WL2.2.2-link.zip  (icreinstall_c.exe)

1 / 68      (PUP)
http://www.currentconecptdelivery.com/c?x= kGuZwodNN86HPsD 55gklXUxQKjkVoTU9hO aVRcaQ=&c=BvzI/m5ZRmQIssEFdv5PnuWqRlQebrNAyWoIK7gGYl1xdBqWyFYTf91HSBEDnc9TA5U5EBayWm4I2 WqvylEgVxYSTJFwlGUcgH5MXgnTe6MhqRpPPqAN1cRVNVyzTD1sgdzVnFEFls6m QuJcCpFA==&downloadAs=WL-222-link.exe&fallback_url=http://www.eveofjustice.com/.../WL2.2.2-link.zip  (d548e9ab90a428dd720cbc0842a7345b)

1 / 68      (PUP)
http://www.currentconecptdelivery.com/c?x=6e6c6CIkbMiig79EoqKjWws1mgqa0xvqddoeZUb5ZoE=&c=Yg/NSIgD7ZKeB MX/bhs 4ZlSR6wCUyvCMcMJtW72G4kzZSQh7I5sIyNemCW7XpPUaB6k38hAA/hOfxFDJxIE/k6jOKTssWUEvzxdiGSOeHt9jokEgPmSw4VR1oEJ8velafGWyFgiFedQVWNr8gt5w==&downloadAs=delcam_powershape_v5.exe&fallback_url=http://.../setup1.19.exe  (0e2df9e6d4af9180c660528d2de4f435)

1 / 68      (PUP)
http://www.currentconecptdelivery.com/c?x=uV8RcZz93t8Rgauw V95o/ZTO49LHj9x2NHVAjQYm8Q=&c=vxPS8R07DZgyYQGccuexLWTAkSS4i6DFOOjy4w5CXLWiRug5n7sTmMUX4BTWFVGP77go3K8cASYjRQiKhPoF6kszy NB49RhU7KFD paOCCzRNtvgAvQcvLpiTGiLoknLdqRL61ljW//w6oRoMaOIA==&downloadAs=WL-222-link.exe&fallback_url=http://www.eveofjustice.com/.../WL2.2.2-link.zip  (6f06d0604dd71ff5f150e4e4b361bf46)

1 / 68      (Adware)
http://www.currentconecptdelivery.com/c?x=Fo7scLY79Vfz7E4wgzHhsWE afLQd6WFZeBbhaKqMHM=&c=4hOxjSRNGWej28Y3Ghm43oazxjK7aidQoMHU5PpZayLVV978KloapjUpqb531C5Q9RDo5WI/23hJresYkXjcjGLP5/4i246ebL61vykCLNexGnZqPnQNMcwxvsdwNlIHyjBc4pC3J0lfIDZ7VXyAQw==&downloadAs=Secretly_Greatly__ai.exe&fallback_url=https://s02.solidfilesusercontent.com/NTgwZjVkM2MwZGUxYWViMDdmMGFkY2JjOGQyZjM3MGI0ODAxYTQwNToxYU1IMWQ6R3R3a2d5WmNGLV9fd2tRLVRfZVM4T3JuREo4/.../Secretly_Greatly__airens357.net_.part1.rar  (e730cbc7b33b3d453f1b6bd4e79079bc)

The following 6 files have been seen to comunicate with www.currentconecptdelivery.com in live environments.

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.