home

www.dltagrepository.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
dltagrepository.com

Scanner detections:
Detections  (93% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.installCore.MICROMAX.Installer (M)
100.00%

The domain www.dltagrepository.com has been seen to resolve to the following 9 IP addresses.

52.38.209.219
ec2-52-38-209-219.us-west-2.compute.amazonaws.com
June 5, 2016

52.33.165.25
ec2-52-33-165-25.us-west-2.compute.amazonaws.com
June 5, 2016

52.32.12.104
ec2-52-32-12-104.us-west-2.compute.amazonaws.com
June 5, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
May 19, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
May 19, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
May 19, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
May 19, 2016

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 19, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 19, 2016

File downloads found at URLs served by www.dltagrepository.com.

1 / 68      (PUP)
http://www.dltagrepository.com/c?x=alskFqiUmiFE8bSQwQ7n33kwm 0arp4fRpk1594QaBk=&c=iZ R1siXEq6I/VXuKRmLLM1Upa7w2jE4v3FGEm0/bt1M0jtg1j1hsBOs ogSlmPGF1NqTV5qQBRP0KznLJNzvd6LY9Pxui0osrSQyKoQRB0TDIVe58pWQxw 7jsxpDS2&fallback_url=http://res.nobistex.com/cache/upch/.../UpdateChecker.exe  (649304c193693743d74b666f9d0d88ad)

1 / 68      (PUP)
http://www.dltagrepository.com/c?x=quJ9Ri9 09ZIaX3TUl/F7Ov/g7bxJ8z8ez0rywLrIGo=&c=n72W9Gv4/NMp0uvc9XQBSkd8KzMURMzqWyP/RwZ2QouaCInoM NI8tW6XzrNaazjqnMt Z6g7nz0l6m2ww/5JEUFCjjskRqadxRdglcI5qe9g59kSxLN3bo0At2yRlV8&fallback_url=http://res.hufftos.com/.../Apache_OpenOffice_incubating_3.4.1_Win_x86_install_fr.exe  (3aaf96d02bc6f97606d112fe36ae7839)

1 / 68      (PUP)
http://www.dltagrepository.com/c?x=GU//NlU7Tijm1pkkhZHaL4 m9vrQJS/lSHImPpS4cRg=&c=biz0QsKzETW5AwZWEjktJkUUKUCwHEJLEyN8hDlPH7yzV9BtDkW4tLrLE34T/nWbCv2O3mCUtwKl0OGpk/B3iy0 6pKvCqWGlfG1gM/9m0qeo4r Y7v9c q yvOBmDoFiG1MJT8TNQ1v53zESmEEI8d/TnLLaSF5WDnwi/uClss=&e=1&fallback_url=http://res.mshist.com/.../LeagueofLegends_EUW_Installer_9_15_2014.exe  (269bada1f24b4bc7baead9345d5aea31)

1 / 68      (PUP)
http://www.dltagrepository.com/c?x= 4nW 548Fi/GTX1C2b7yFYiMscHEjMQqKm2ANXIDna0=&c=UCyS9L1USDfZxuAiGisTQeRgOLLACX/f6/DZX7 OuvABE1DknihnDzSjP20HnGtxMHQaEswAzwrEWFz86NltgkQniNJPkltMCOKIvbGuVDFJiGrWm4scQH Z oQf/8Xt&fallback_url=http://res.nobistex.com/cache/upch/.../UpdateChecker.exe  (649304c193693743d74b666f9d0d88ad)

1 / 68      (PUP)
http://www.dltagrepository.com/c?x=7J1K9TFgbhOntmKQ41C8YRXFUV1cquo5pliZdoLvn5o=&c=hGohDaN7zjX6ktPOlK /xHKQNVOdaTdMTVIh2l3e0oFnkzzuzOPEmPFgLk71tqyUH9lrnZjq0vBeb4y9xCukKuk4N9QVYpZ aeZ8jLQD1mHJG4DroqcDAS9GvIguxFPAh1/Z1kO1ZsPEAZDfbDpGwgqXbjt9gN9UEBMt0mFVzGQ=&e=1&fallback_url=http://res.mshist.com/.../Instagram.exe  (9ce0f6b74f20c250a84d9de336c70e56)

0 / 68
http://www.dltagrepository.com/WVl6OTRQV3AwYldVeWFqQmxUalUwSlRKQ2JVaHFOMjl4ZVdwQmNIbE9WVTlzYWpGRGVXOXBlRzUzY21KTEpUSkNhbXQzSlRORUptTTlaRVJrT1VGSFlWaDVSMHBRVFZWTlZHcDNibmg2WjNaTlNsbDNTbWhFVDJGMlZHUnhibUZqVlZaYU9GSlhZamg2WW0xdk1VNXBOMjVzU1hablpYQWxNa1l6YVdsdlR6aDBXbGhvVG1GblVsQnZNMlZuZFZsNWNVSjBaWFY2VVZFd2MxUlFOMlpDYVcxWlJURlhlRlJFVDJONlJXOTBOVTlJYVhwdlVrMU9UWGhIY0ROYVpWaHhOalZWWVU5MWQySndVM05HUVZoeGMwRWxNMFFsTTBRbVpUMHhKbVpoYkd4aVlXTnJYM1Z5YkQxb2RIUndKVE5CSlRKR0pUSkdjbVZ6TG0xemFHbHpkQzVqYjIwbE1rWnBibk4wWVdkeVlXMGxNa1pKYm5OMFlXZHlZVzB1WlhobA==  (bluestacks-thininstaller.exe)

1 / 68      (PUP)
http://www.dltagrepository.com/c?x=yiiw6f9eSQZjVVjKVdPR 7yfoRoD3o0GfgajOU8smv0=&c=LTitvw4qEgoG2ScZ8E9sLZgnAOuxEqCsnAXJFtAGkZ1owHifgh1q1B52QSnRwH4GMpJ4vUqYeDmwNTZwkkew3E1KUtcxfRIJ7k7mjA26aGv4Aufj X0Zl5NpjEZmV 1C&fallback_url=http://res.hufftos.com/.../Firefox_Setup_21.0_fr.exe  (c140bc383903bdeb6a44462b81885665)

1 / 68      (PUP)
http://www.dltagrepository.com/c?x=CtHu5KitkOSIxyZE80FcQASv6YT4EleOgf3gU5vKqS0=&c=HSfB8Hd4bZXlUcuHJqvQY79t8NJwQBd1DYZVqqHInVQ Bnoji xdUjlWonLWhBUCIayCOPzu5MXj0vbfXu2tpmZV8b1aYwQcPl6EuUE2adLC8ZPfjo8zNflSCeK3/AWr&fallback_url=http://res.nobistex.com/cache/upch/.../UpdateChecker.exe  (649304c193693743d74b666f9d0d88ad)

1 / 68      (PUP)
http://www.dltagrepository.com/c?x=wDaaaNbPxLqjU8JOg2avmABnIkZxJqUM6I SsB4aDD4=&c=ZZv9a6jmhlVRm7gnh3oxe5c0xcv9GE8ZqJg8xClHMIKKp1cgxctLV9l5GYEhMZ1fsR TOumY0ZgBDXISxr ooUAPfkaMuZ/GqRCOdsK6TOyEi9oNG8s1/w97xV742EYgrZwusfgAMBYrLsudfGFlFVeMJsIw96KZTZQRBMqc4nIfirYr4cfy1/QCp70C3r2N&e=1&fallback_url=http://res.nobistex.com/cache/upch/.../UpdateChecker.exe  (5ef2f25d1bb5e0fc1592808a4ddf3155)

1 / 68      (PUP)
http://www.dltagrepository.com/c?x=r7/9ZIeXwkNLREl8F6HpJcwzRy1c9gbnNuaVtjG5MyI=&c=aKQaXla 0QDdQcpqQ848KXlBnmh/lmQs9zaN1zDHLiBDnbB0AWqoC/Vsxb1eVb52nx/zJltQ c6Ni5VnTsfGzRrMFCaIFDhl6sNGASVyeSe5LaCALqhn/uFh7sZ7j74E&fallback_url=http://res.mshist.com/.../ClashOfClans.exe  (533e4938b61dffdefc61758cde60cb30)

1 / 68      (PUP)
http://www.dltagrepository.com/c?x=axaJSSZwPSF5IWQtquBAjwXzIAyLTOHkNpJQDUVa2dA=&c=oMOdVTAmbFgDZCRB/GXaVSdIRusNJvLOJPhzl/sAEkdHW/s1K//CAqneTuumODNOlMSxKvpjB/m9jrK9Kb6eJVloM/ixKHgpPAJj4OqWjIP64FWTGYkqUk6HzeGfLhYO&fallback_url=http://res.hufftos.com/.../Firefox_Setup_21.0_fr.exe  (64653b538b3fd402cfbf0d71851a84a2)

1 / 68      (PUP)
http://www.dltagrepository.com/c?x=cFFr7 2wYWQE/M1mWgB75xaU0TlbL2BBxlIguTKCBAk=&c=eucgkB4pqsq5eWk OlpbYLSl0LNO oyCIr5qtHN4bxfp54HLp3415OQ6yVypXff5eg3A60iF5/sT/EFsIamYFZ3AWmik2z2T8EVKxQ3WScOe 17MEjJb xQrCsuEJkGyVkhwQno5Hi258A8RUHnrWCXO4EA6ZoYQWo/zgpnS9CQ=&e=1&fallback_url=http://res.nobistex.com/cache/upch/.../UpdateChecker.exe  (icreinstall_updatechecker.exe)

1 / 68      (PUP)
http://www.dltagrepository.com/c?x=2SOOA7t7FNszPOd7K3QERTbARGVrslHFAuaD mQHuUg=&c=J7OYBA dPvzYEhdLl6GfukQTUqMg7SX8WCfUBIQMWxzTcvgVhSa64nqTDi7mRSQTA3B5dk2sd3a3QhIntwL87zs/3mZiwkqv45/s9ct4dy5wI87foXB6COe8ykFn9/Br&fallback_url=http://res.nobistex.com/cache/upch/.../UpdateChecker.exe  (167de4ce40f1b3864d1344a55a15cac7)

1 / 68      (PUP)
http://www.dltagrepository.com/c?x=WeG51mQoiS/heONc7Jd9YEPk0YPimqmx/A//vIL6q3c=&c=XVtIVcc RRPF4fa4fEktE0qE0XGc/cr6arliUBsdx9uoCNytmlb44cmGO/d84fOvkZGCz7p7O7d67ecXNYhF5cBFhax1b7eJrsyXaNZnedmQr/CppTbs FIVX5uptXJhD8ArXr5E8pkm0isJ5qeJu7x/M 0hRzYdByVJ2T7xzCU=&e=1&fallback_url=http://res.hufftos.com/.../install_virtualdj_home_v7.0.5.exe  (1834f9ace4a2fe7d324e162534062682)

1 / 68      (PUP)
http://www.dltagrepository.com/c?x=AFo 2WyfiwnSqtA7tqcM4nsz31pRMKRnVVGo9ZMUxYU=&c=QRS7Rb435DfBzRdqWtyMvKKwGH 1bRcHcjO4dR2piHyl3IyAxpI6WvaaXoRPMNORFWnonn2L4D1TlSvr313MgojSJtldvggc4MykY0tURjpFn3N7L740d3hTnKkliFTB&fallback_url=http://res.hufftos.com/.../install_flashplayer11x32_mssd_aih_other.exe  (5438f16bddc0023162326fde0f2b5f24)

1 / 68      (PUP)
http://www.dltagrepository.com/c?x=9tlx3O4QCD/jLUnqhrnT48jUEyOE586lgwCJ3cVVuUc=&c=9cogn33eaNffOa0hFQ8b2QTohE0WX7m9HelbdvWiKgJryAVYonU0QbvwLbAeajZb6qrbcPZKmeTMiXR1RppNZGdXvusjKgzactA/HpkUk3BhhGWBkMYB8QMBRT0C jtf&fallback_url=http://res.setauls.com/.../Firefox_Setup_21.0_fr.exe  (1dd4341a53c3c42f0f5ae1bd55bd783f)

1 / 68      (PUP)
http://www.dltagrepository.com/c?x=P28WcNvwGfRM Z1VzwhGgHYCjOUUgvXHyHPQ0x9QXqM=&c=7tP2/RDQ6cOtwGoW7j5cqZlVH8fRJxzdKf9R HF93gkFY44gfj6lEqf2h3zRk/RBA97M0QGoVnAnSdyJ7IARrJzXuY5bh8 gzBMksxo0FjW3FkY5FZLkJPo4P2I 1z5glkvBRtK uNamYjrrcDyAFXlibPYZ12tW5LebJKf2/5E=&e=1&fallback_url=http://res.nobistex.com/cache/upch/.../UpdateChecker.exe  (67bcae01fbe70f35aa0565ccfd0a1ed2)

The following 18 files have been seen to comunicate with www.dltagrepository.com in live environments.

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.38.209.219:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.38.209.219:80
browser.exe (Browser)

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.38.209.219:80
3.9.0.128_20140916045038.exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80
e5be.tmp

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

TCP » 52.38.209.219:80
client.exe

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.38.209.219:80
kmplayer 3.8.0.117 -[www.patoghu.com].exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80
KMPlayer_3.9.0.126.exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80
3.9.0.125_20140702035547.exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.38.209.219:80
online-guardian-v2.0.9.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.