home

www.factoryapplicationsconecpt.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
factoryapplicationsconecpt.com

Scanner detections:
Detections  (89% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.InstallCore.Installer.Installer (M), PUP.InstallCore.FC.Installer (M)
88.89%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A
11.11%

F-Secure
Application:W32/Generic.70053c248f!Online
11.11%

The domain www.factoryapplicationsconecpt.com has been seen to resolve to the following 14 IP addresses.

52.38.209.219
ec2-52-38-209-219.us-west-2.compute.amazonaws.com
June 4, 2016

52.33.165.25
ec2-52-33-165-25.us-west-2.compute.amazonaws.com
June 4, 2016

52.32.12.104
ec2-52-32-12-104.us-west-2.compute.amazonaws.com
June 4, 2016

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 24, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 24, 2016

52.26.95.11
ec2-52-26-95-11.us-west-2.compute.amazonaws.com
April 16, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
April 16, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
April 16, 2016

52.34.170.106
ec2-52-34-170-106.us-west-2.compute.amazonaws.com
April 12, 2016

52.25.23.136
ec2-52-25-23-136.us-west-2.compute.amazonaws.com
April 12, 2016

54.191.37.5
ec2-54-191-37-5.us-west-2.compute.amazonaws.com
April 12, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
April 12, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
April 12, 2016

52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
April 12, 2016

File downloads found at URLs served by www.factoryapplicationsconecpt.com.

1 / 68      (Adware)
http://www.factoryapplicationsconecpt.com/c?x=1r1/pt Fess72LRvANP9wcIalWrcB arqxMANQuVr2k=&c=7ru2MoXV3PhNrfCABKH9tgKCHJuTcD47fE0OD3P8A4ScCMdusctzOCdH MSPe5jMIR9RvmA bzBUOzGFMAjkWv05ZcP yWnD0fLPzK y4iw3JN33Gw3R8Bt8FiGokeSeKRkkMX/F 93gHXqClTJM9qg1g7cL6dxTADRrwijKOCsiOtzUhjF6IxRlrmfVZstn&downloadAs=super_mario_bros.exe&fallback_url=http://gamefabrique.com/dl/.../super_mario_bros.exe  (icreinstall_super_mario_bros.exe)

2 / 68      (false positives)
http://www.factoryapplicationsconecpt.com/c?x=NczYHZTImz3QgSvsAbiknJ9/fDdIVDxAjNVo2/z1d4g=&c=LXtJuL7Yzg499aJx2SD0tB6SBEx0wh e137ZJel/cwNmfHkXrGBduZ0JnVupy5h1EO Tof0vz6XdOim9i/4SBwWocX3Dqy0boSJaJdHnUbbuN6JgYWweUjQH//jJnwj3KZRIhgbbsejKSFt3mqhAVOxfrRJkwPizUIbq//B4pydbcfkKEfxjkH1tmuj0D0/l&downloadAs=mario_kart_64.exe&fallback_url=http://gamefabrique.com/dl/.../mario_kart_64.exe  (wrar420.exe)

1 / 68      (Adware)
http://www.factoryapplicationsconecpt.com/c?x=jxyyxUAOe19tW1Hdkf4gsJ1G7JohdZ14pgxjr4RJ5To=&c=S6lgzHfLGNuIu/p1kpvsR29b0blicLRz xX2fRaoAOxnA9ynfuGiex7VVBqfLMWEtVhepFzkGKPJQmWKbF6ZJK ii4ZAk1 oYtYbwEPUx2GVH9/n3xYOoCP0FYoxUwPXD9fGhwv0tzGLMm82sv9T9JJVZN5ZarUnQSJGZ20oEyVO6psTklt6QQRO2Y/LF7Me&downloadAs=mario_kart_64.exe&fallback_url=http://gamefabrique.com/dl/.../mario_kart_64.exe  (8f544d0fce4f809047c3bcc5c682bfe9)

1 / 68      (Adware)
http://www.factoryapplicationsconecpt.com/c?x=pvgsKlXeFQewWlvO/2oZyJdJZsau zN38RhX bovEvA=&c=cszlKQcL8rAQd3g4vy5ycTNNa91fm9pLVMDeYGjNl7juqCpH79dgdaVfLKgRxbeOCQmA ppdDXVUmOpcP65x1IfemYOjCNHnQPXZmoQ hK/i8omIbkuPN8dS7vDo5hoq&downloadAs=Gangsters2Setup.exe&fallback_url=http://d.trymedia.com/dm/eidos/60m_d/.../Gangsters2Setup.exe  (f1d41d7861e29efc69912cb0c4aa741e)

1 / 68      (Adware)
http://www.factoryapplicationsconecpt.com/c?x=QqVgHa7Tq1Cj4aEm9XoB1fbEypAp5331zB5AwYwaF20=&c=iKe5O6aLLv8tdXb1ktwsMleadvuX/6NLlV/dTPnS3s6UnxBJRK3z6W18RmXo6m6FTg3fG9yUN/RT29OibmQoxh7g42 N8cPIG4EA6Sj h/IgUIcY53flL/ 1McMA 17m&downloadAs=AirportTycoon3Setup.exe&fallback_url=http://d.trymedia.com/dm/take2/2h_d/.../AirportTycoon3Setup.exe  (73e6f30647d38ffc68f12ebf5d3a0bab)

1 / 68      (Adware)
http://www.factoryapplicationsconecpt.com/c?x=r/lIONBgKB6qnE6aA7dtL1B3KGI21gsxc8KGnfVFHOE=&c=9Fo7GV4lfyhePN3DUuWTfVTW0VepXc064Ial32wmwMndLBX0ptlWn4qKserZkDWSE28 vYKnOOc0ZeATJb4tnycFhvh26kU9p6LGvZaNdH9gocoYiuNsag2Az5kBnyA72FnUh3U0Sr0aWi nivagOKTLWemLcwvR/e/QtBAjIlo1463rrlOm ZECv3vFRm X&downloadAs=a_bugs_life.exe&fallback_url=http://gamefabrique.com/dl/.../a_bugs_life.exe  (f61d86379fca2e402ab82c7a4b8acfb3)

1 / 68      (Adware)
http://www.factoryapplicationsconecpt.com/c?x=h5hxWBeaeovFEQOOGvS1Bcubdx 0moFUJyJD6BHaNhc=&c=z9WwddEUYSFHZnZHwOWSkY/mLPxHxzQwrwhXFLirAsrgMzTynZ/ZNkn5fP2aXw5MWaeSYMqOi1ZutOfSZDTi5IUugn5ZwtLeunxym DLqRafsSFh3A372gNyH4ZGOc/UR/WIH eTSzSU2RqKsH41BKL/q/m7BQZNnn172FntBr19q7SLVltqkwk1bUdCgaKp&downloadAs=snow_brothers.exe&fallback_url=http://gamefabrique.com/dl/.../snow_brothers.exe  (1b12a673f65fca8d3d08d7a000c63ab9)

1 / 68      (Adware)
http://www.factoryapplicationsconecpt.com/c?x=ilna1FSsbc636t4kXuQqbqLJ5uRNIf8ayFE01gocK4g=&c=7Pc4/0R980ZLLPVUl9yWW73D9r6mOlZOHljbzawKk7sf3Jx4UGsvcqHYCEjZj9sENO/AG9jJ2pqrjAAUbomIMGJMpZDyA7nEgliGFd36FBogbd9Ms8lAFqGldLf XHGPhFIRetPtPCSo0S/3C6se0m0kHBJzDe8KWajlIQRtHBh3zgTxe JJnjjCCLVZ40uc&downloadAs=lion_king.exe&fallback_url=http://gamefabrique.com/dl/.../lion_king.exe  (565e0168c773d88363282ca912ebb268)

1 / 68      (Adware)
http://www.factoryapplicationsconecpt.com/c?x=G0uVE /K4YXL1FCQ/nc3dAwGz5csG2RZhvHp9PUdO9Y=&c=yjLW0lo9yOiJ4eSxMkbhF6ZNO/TSS1TvnNvPSp3Mt6mYnAT44P1jGeb4I5EPRHefhi1HQRkGITuuDbgW88/R1tiK0kLgH0odeT7MtJ4p/gufNtSNkLzwLCTfsUDvijbrOkJZ3Y42UkqWw53Tr/rxLW8Uo7lK2EdMhvU8sVOwI62LIPrygR3EWVZjusWQF/vF&downloadAs=sonic_the_hedgehog_2.exe&fallback_url=http://gamefabrique.com/dl/.../sonic_the_hedgehog_2.exe  (icreinstall_sonic_the_hedgehog_2.exe)

The following 18 files have been seen to comunicate with www.factoryapplicationsconecpt.com in live environments.

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.38.209.219:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.38.209.219:80
browser.exe (Browser)

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.38.209.219:80
3.9.0.128_20140916045038.exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80
e5be.tmp

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

TCP » 52.38.209.219:80
client.exe

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.38.209.219:80
kmplayer 3.8.0.117 -[www.patoghu.com].exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80
KMPlayer_3.9.0.126.exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80
3.9.0.125_20140702035547.exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.38.209.219:80
online-guardian-v2.0.9.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.