home

www.currentsendtowers.com

Communigal Communication Ltd

Domain Information

The domain www.currentsendtowers.com registered by Communigal Communication Ltd was initially registered in December of 2015 through GAL COMMUNICATION (COMMUNIGAL) LTD.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Portland, Oregon within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the US West (Oregon) region datacenter.
Registrar:
GAL COMMUNICATION (COMMUNIGAL) LTD.

Server location:
Oregon, United States (US)

Create date:
Wednesday, December 30, 2015

Expires date:
Friday, December 30, 2016

Updated date:
Wednesday, December 30, 2015

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
currentsendtowers.com

Whois:
1 currentsendtowers.com record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.InstallCore.Bundler (M), PUP.InstallCore.Installer.Installer (M), PUP.InstallCore.AC.Installer (M), PUP.InstallCore.FC.Installer (M), PUP.InstallCore.AC (M)
100.00%

ESET NOD32
Win32/InstallCore.ACY.gen potentially unwanted application
8.33%

The domain www.currentsendtowers.com has been seen to resolve to the following 17 IP addresses.

54.200.224.121
ec2-54-200-224-121.us-west-2.compute.amazonaws.com
August 1, 2016

54.148.183.210
ec2-54-148-183-210.us-west-2.compute.amazonaws.com
August 1, 2016

52.41.114.34
ec2-52-41-114-34.us-west-2.compute.amazonaws.com
August 1, 2016

52.38.209.219
ec2-52-38-209-219.us-west-2.compute.amazonaws.com
August 1, 2016

52.33.46.229
ec2-52-33-46-229.us-west-2.compute.amazonaws.com
August 1, 2016

52.10.159.134
ec2-52-10-159-134.us-west-2.compute.amazonaws.com
August 1, 2016

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 17, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 17, 2016

52.26.95.11
ec2-52-26-95-11.us-west-2.compute.amazonaws.com
April 15, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
April 15, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
April 15, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
January 30, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
January 30, 2016

52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
January 30, 2016

52.25.23.136
ec2-52-25-23-136.us-west-2.compute.amazonaws.com
January 4, 2016

54.191.37.5
ec2-54-191-37-5.us-west-2.compute.amazonaws.com
January 4, 2016

52.34.170.106
ec2-52-34-170-106.us-west-2.compute.amazonaws.com
January 4, 2016

File downloads found at URLs served by www.currentsendtowers.com.

1 / 68      (Adware)
http://www.currentsendtowers.com/c?x=VTXu0nxnXGteWauyJkb6Y0C8WooWNXC1EXBqo9LgimQ=&c=usyElEh8qAtB/Hdr7GCuzKEfNPILsYKffvMTP4T9PZoQeyyp9km1hQPB4XLk2FWA5KQ BVjjXZY6d/L K/KXXspV K4W2 UP/N3tO2e/R5cQHx3u4 wjwQvLbXN2m21n 6WhQhXHZ/wy1IFPDv9/FA==&downloadAs=installer_ares_plus_Spanish.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=189.229.218.69&countrya2=MX&partner=BEGINPRO&origen=SOFT&program=Ares Plus&3dparty_channel=BEGINP010Z6a3b285512d85dfc18599510b25e3baf&ou=http://aresplus.sftbegaaa.com/es/?p=SOFT&du=http://download.begindwn.com/.../down.php?country=mx&hostname=xugu66a8dviguwu.kuwutefresosa.info&lang=es&langutf8=Spanish&logourl=/icoinstall/programs/icono-ares-128x128.png&logoex=/icoinstall/logosex/promo-ares-164x427.bmp&ua=msie&software=Ares Plus&origen=SOFT&key=5e085&url_download=http://pf.vitplatform.com/crawled_soft/2/2/2297  (94331ee2d0ff0ba193ed985edb06eb33)

1 / 68      (Adware)
http://www.currentsendtowers.com/c?x=IyOwPGQix7B/DqHDaHkMNB9K86Z5idB/Uk0R7dx7o9M=&c=Pmd9F8qQvr9jTWv/o0bPe/INQIGWgH/ 442/LwK5pwUWY35ebLe0TnT9l1V7dwvHCT9JMj4WK2cvNWikC/1v1b jgXhrY1eIJcmKwwjLIbIFO/y05qmcSNID/FAmuMew9793rAJ75dFdS9p4li 8qg==&downloadAs=installer_rollercoaster_tycoon_3_1_1_Spanish.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=181.118.119.195&countrya2=AR&partner=MP3&origen=SEO&program=RollerCoaster Tycoon 3 1.1&3dparty_channel=MP3010Z34897d402141ee162d821920e61fe07c&ou=http://descargar.mp3.es/lv/software/download/kl667209.htm&du=http://download.mp3.es/.../down.php?installer_type=&installer_theme=&lang=es&hostname=descargar.mp3.es&partner_keyword=MP3&url_download=&software=RollerCoaster Tycoon 3 1.1&country=ua&tb=babylonnewv4&langutf8=Spanish&premium_url=http://pf.vitplatform.com/crawled_soft/2/2/228823-667209-rollercoaster-tycoon  (c48e508d28aad660ed840cd3d39b2026)

1 / 68      (Adware)
http://www.currentsendtowers.com/c?x=/9 LpHzSHLWH2VTJMpTSkf200J8UqqLjvA8Rslworcg=&c=fU kvlzkftlrYBi6s2sDPKPBr RFGtXuMdKQeDoPnfJ0UPM/8Jg0OEhXzbqiAx2kLc/ZdqxSnAhN1DpBomW4AxKKVIwlL7v/NED3t/EJPqIK4hs2yZ6cqXZ9I66w7tNGJzg YiAoCMHzz28jSUuSEw==&downloadAs=installer_ares_Spanish.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=186.43.209.67&countrya2=EC&partner=SEO&origen=SEO&program=Ares&3dparty_channel=SEO010Z9e110414de8ce21c7730e78acdf934a1&ou=http://ares.com.es&du=http://download.instseo.com/installers/down.php?key=22836&new=y&hostname=ares.com.es&url_download=&software=Ares&country=EC&lang=es&tb=babylonnewv4&langutf8=Spanish&addfavorites=n&premium_url=http://pf.vitplatform.com/crawled_soft/2/2/22461-682180-ares.exe&partner_keyword=SEO&p2p=0&logourl=/icoinstall/programs/icono-ares-128x128.png&ud=lp&origen=SEO&ua=msie&ou=http://ar  (8b24d5ddd76e7bfc80b045c51382541c)

1 / 68      (Adware)
http://www.currentsendtowers.com/c?x=V0aIP0MIcibFKYxwltarfIj3DAdZQLDDH8TJzKEY72c=&c=vMv65hoVBnPfnb8/DBO4v4JNHOVt/Fb0l9Y9Q owYDT7/zsmX/u6Z2VzUp1mJWJ5JrReh/Hkmqu5qyYEx3wvP1GqFnh8S1ZVyEeSOQJCAk/15D5tML8RECWZm961aRZ4FafHmn8JEgKebPuqADJIIA==&downloadAs=installer_gta_san_andreas_Spanish.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=106.66.8.36&countrya2=IN&partner=DESCARGARES&origen=SEO&program=GTA San Andreas&3dparty_channel=DESCAR010Z11e7cd64929d60408d128dc16640a721&ou=http://gta-sanandreas.descargar.es&du=http://download.descargar.es/.../down.php?country=IN&hostname=gta-sanandreas.descargar.es&lang=es&langutf8=Spanish&logourl=/icoinstall/programs/020-gta-sanandreas.png&logoex=/icoinstall/logosex/gta-san-andreas.bmp&ua=msie&software=GTA San Andreas&origen=0&key=92ec3&url_download=http://pf.vitplatform.com/crawled_soft/3/9/39605-6679  (e5cafdac08d3c9f3c35d9311ced85ebb)

1 / 68      (Adware)
http://www.currentsendtowers.com/c?x=USADwlkl3RxEVzSpdZaVB8aj2YEGDfkDQiQU6bSB1gM=&c=DzSM2sX73 oq6Vb/pxAiG3iCoS2PTz2cefdBTiejJbqqItEPfBzdxCEVqfhRO6xxv/nFYtx5G0/fGfBulP6v8hbLeJq2s4ta87nn2dT8PSqVACCZVv2CGZ8xPIr4AXWf4sL6TGQI8wfNIv5dYmdtTQ==&downloadAs=installer_microsoft_word_2010_Spanish.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=76.26.15.239&countrya2=US&partner=DESCARGARES&origen=SEO&program=Microsoft Word 2010&3dparty_channel=DESCAR010Z45a57d3f3dab977c996b4e567e84afd2&ou=http://word-2010.descargar.es&du=http://download.descargar.es/.../down.php?country=US&hostname=word-2010.descargar.es&lang=es&langutf8=Spanish&logourl=/icoinstall/programs/045-office-2010.png&logoex=/icoinstall/logosex/word-2010.bmp&ua=msie&software=Microsoft Word 2010&origen=0&key=6ea84&url_download=http://pf.vitplatform.com/crawled_soft/2/2/228950-667852-wo  (758c874087cf46d49d3f82e5f18d9ca6)

1 / 68      (Adware)
http://www.currentsendtowers.com/c?x=MPvnPfUXKmDkSiaZqUO/3ISZwPpOXXLtIJXT/TlcsIE=&c=Xuo0pwzUkYZVTBJ0E2Tu6/VTEH6yvneV7yzPEpz13D4DDN9TAXFtij4ekMT5xn1FiCbMSAsmdYXNzlhkjOyS/Z5ttCsRz0ntjtSbD1xD3QTZJv8X1oe1U9S/iBruWfzjZLw4T6xmuojKTSACPz7KWQ==&downloadAs=installer_utorrent_Dutch.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=200.84.170.50&countrya2=VE&partner=FREESOFTSTORECOM&origen=mbsi&program=uTorrent&3dparty_channel=FREESO010Zff62e7eb343bd6135ad91569f4730774&ou=http://utorrent.pedrillos4.com/?p=mbsi&trckid=1451534792mb78255391172&du=http://download2.freesoftstore2.com/.../down.php?country=ve&hostname=jusigonub97f7qiv.kasareupayezi.info&lang=nl&langutf8=Dutch&logourl=/icoinstall/programs/icono-utorrent-128x128.png&logoex=/icoinstall/logosex/promo-utorrent-164x427.bmp&ua=msie&software=uTorrent&origen=mbsi&key=5dbf1&url_download=http://crw.vitplatfo  (6f4f9f98039a0368671d631ce55730f0)

1 / 68      (Adware)
http://www.currentsendtowers.com/c?x=gyavOip/kTlKlIXkhNc4/62TOl3Tlk4AwuvF7brNLkk=&c=ss8HhdpAZ/U1Ayg2eKs/BOxx8cWuxOUOHYFwXuoTrBXzGh8gbzLs4lz/If2Rb1qJ2jawreaWV9QYamqJlcSy/ps2dJycXD5NCRRv957Ht8Q6eixprWbjkxcK9oWjwfHy/VKW3A1ApwqDjXmQkMSkxw==&downloadAs=installer_utorrent_Spanish.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=201.241.8.105&countrya2=CL&partner=FREESOFTSTORECOM&origen=mbsi&program=uTorrent&3dparty_channel=FREESO010Zff62e7eb343bd6135ad91569f4730774&ou=http://utorrent.pedrillos4.com/?p=mbsi&trckid=1451527806mb53615462125&du=http://download.freesoftstore2.com/.../down.php?country=cl&hostname=jopugb97f7mohiviq.kaqogetrelu.info&lang=es&langutf8=Spanish&logourl=/icoinstall/programs/icono-utorrent-128x128.png&logoex=/icoinstall/logosex/promo-utorrent-164x427.bmp&ua=msie&software=uTorrent&origen=mbsi&key=8d77a&url_download=http://crw.vitplat  (10c5a19fc4354372da3596aa7fce266b)

1 / 68      (Adware)
http://www.currentsendtowers.com/c?x=A84v0bXsbYq zlNBtTb0V6IGRDchYs55OmpINYZtuYA=&c=MrieyoKbg3lTZAnLDS1RsTp9XaOEysoyzXk9/dnrjML8UuprNNG P8fyQCXWTkxmRfwRyDeyg/RG/v4Wn Xu71HzUSPAUk13GpSSwM5fJJ6/RswzA0xdwgbUe9OpftLYgx28ycNH9G QOt uwzHVXA==&downloadAs=installer_gta_san_andreas_Spanish.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=73.193.23.109&countrya2=US&partner=DESCARGARES&origen=descargares-en&program=GTA San Andreas&3dparty_channel=DESCAR010Zcae698f67a20323e8d5b9c2fee3dd710&ou=http://gta-sanandreas.descargar.es&du=http://download.descargar.es/.../down.php?country=US&hostname=gta-sanandreas.descargar.es&lang=es&langutf8=Spanish&logourl=/icoinstall/programs/020-gta-sanandreas.png&logoex=/icoinstall/logosex/gta-san-andreas.bmp&ua=msie&software=GTA San Andreas&origen=descargares-en&key=c92b8&url_download=http://pf.vitplatform.com/crawled_soft%  (7eadc921aec972eba72d3411b4ec771c)

1 / 68      (Adware)
http://www.currentsendtowers.com/c?x=FTJ/Kj/Lzar/geNREZkpwdIMhdIlN/EpLipmVwAe6WI=&c=WknWAuTVQEthvdSM5LwFar4bTX m0NrxE74agLSx6WR0IjlCxsuWHESDFB9curqBaT2wuDL40IcfEOsGUTRPNoiPLuCRYofZxowrNZP4JYk4sTkK8l8tsbLFmMmq236uY7mdF5 0IIs6GnU8QkZRGg==&downloadAs=installer_microsoft_excel_English.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=24.208.164.109&countrya2=US&partner=ALLFILEWINCOM&origen=us-adcdm=1&program=Microsoft Excel&3dparty_channel=ALLFIL010Z7ea399c8731e62add4c7de2bb9511741&ou=http://engall.filewin.com/Microsoft-Excel/?p=US-ADC&du=http://download.filewin.com/.../down.php?key=b2645&new=y&lang=en&hostname=engall.filewin.com&url_download=http://pf.vitplatform.com/crawled_soft/2/2/228955-667874-excel-2013.exe&software=Microsoft Excel&country=us&ud=ax&origen=us-adcdm=1&langutf8=English&logourl=&logoex=&ua=msie&partner_keyword=ALLFILE  (ae2f2591f1c172c7342fa00bc314b7bd)

1 / 68      (Adware)
http://www.currentsendtowers.com/c?x=WTd8rVk9QLx8snxm3ju3xW5B5J8GqFeLhj4i9ndt2pQ=&c=Skugbb35uQ5597KSl Ehfor19o9elKshVT0r/NPMrV5f0WaSRdrRpW/jk3HRC5LYlVWqkK2NKNtEUfpjqLyiaGdO4fexnrT/MXprX9O0/nQeoqP6jgoHEPtfC9/jTZEcL83Id3Ug9JhIF0/xz/5bCg==&downloadAs=installer_ares_Spanish.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=174.106.67.220&countrya2=US&partner=SEO&origen=SEO&program=Ares&3dparty_channel=SEO010Z9e110414de8ce21c7730e78acdf934a1&ou=http://ares.com.es&du=http://download.instseo.com/installers/.../%  (7d20c7b16de815c129a648929312fd2c)

1 / 68      (Adware)
http://www.currentsendtowers.com/c?x=8FRs4gATPYdMMWxZHDD9ITa0J/RNP2iW CKfvFf50JI=&c=7oG8JrY cupG/TqLwPjaejmpYMv8tqsaVOhTolxBuGbw5fKa9rcelCas8Du/pKEa9JWFlfEHw6JAcOcDB /5XY6FB40sI7Js242SeJnI568KYu 97ya7NMDVxRJIIaGxVW591iSPGwZlS5K0Zp1 Vw==&downloadAs=installer_microsoft_office_publisher_1_4_2_English.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=216.184.70.117&countrya2=US&partner=EAZELEN&origen=SEO&program=Microsoft Office Publisher 1.4.2&3dparty_channel=EAZELE010Z7cfe1630b5ff82383a5e8f6892cc4ea9&ou=http://english.eazel.com/program/download/678397/&du=http://download.eazel.com/.../down.php?installer_type=&installer_theme=&lang=en&hostname=english.eazel.com&partner_keyword=EAZELEN&url_download=&software=Microsoft Office Publisher 1.4.2&country=ua&tb=babylonnewv4&langutf8=English&premium_url=http://pf.vitplatform.com/crawled_soft/4/6/46468-6783  (7993231c1fda95bf719cecb2d2ee9118)

2 / 68      (PUP)
http://www.currentsendtowers.com/c?x=UShHl4deHyxfzsHGnrCsFyc6G0E74RgM56kRUveAfDE=&c=HhFcP7eWMuCloHVKTTVZBWM rucUG Jr7MrNAXjGm0Zbd8lJt7 MT4xnz4X/sQqPAYSD0Uxc1qA4WCWjGzcBm7GdXb3TRFjbOudH9m96vg8Xm/HteD6LIuBjEfFy0ZSn2E1tnkaTIM1SV1jJ8LbQ2g==&downloadAs=installer_kazaa_Spanish.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=71.239.5.44&countrya2=US&partner=DESCARGARES&origen=SEO&program=KaZaA&3dparty_channel=DESCAR010Zf8c2f7367d063dd5f9ee3b2338374c59&ou=http://kazaa.descargar.es&du=http://download.descargar.es/.../down.php?country=US&hostname=kazaa.descargar.es&lang=es&langutf8=Spanish&logourl=/icoinstall/programs/026-kazaa.png&logoex=/icoinstall/logosex/kazaa.bmp&ua=firefox&software=KaZaA&origen=0&key=6e471&url_download=http://pf.vitplatform.com/crawled_soft/3/3/33914-83370-kazaa-lite-k.exe&ud=ax&partner_keyword=DESCARGARES&pmd5=%2  (2fd83e7594c32b75e3262f230437e720)

The following 36 files have been seen to comunicate with www.currentsendtowers.com in live environments.

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.33.46.229:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 54.200.224.121:80
browser.exe (Browser)

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 54.200.224.121:80
kometa.exe (Kometa by @COMPANY_FULLNAME@)

TCP » 52.38.209.219:80
browser.exe (Browser)

TCP » 52.33.46.229:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 54.200.224.121:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.200.224.121:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 54.200.224.121:80
browser.exe (Browser)

TCP » 52.33.46.229:80
Client.exe

TCP » 54.200.224.121:80
kmplayer_3.8.0.123.exe.exe (The KMPlayer by PandoraTV)

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.33.46.229:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 52.33.46.229:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

 
Latest 20 of 77 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.