» www.newhostingmega.com
Overview
Analysis
IPs Addresses (8)
Downloads (3)
Network (6)

www.newhostingmega.com

Domain Information

Server location:

Oregon, United States (US)

ASN:

AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:

newhostingmega.com

Scanner detections:

Detections (67% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.InstallCore.Installer.Installer (M)

100.00%

The domain www.newhostingmega.com has been seen to resolve to the following 8 IP addresses.

ec2-52-24-26-116.us-west-2.compute.amazonaws.com

May 16, 2016

ec2-52-25-41-73.us-west-2.compute.amazonaws.com

May 16, 2016

ec2-52-88-159-85.us-west-2.compute.amazonaws.com

April 22, 2016

ec2-52-35-10-15.us-west-2.compute.amazonaws.com

April 22, 2016

ec2-52-26-95-11.us-west-2.compute.amazonaws.com

April 22, 2016

ec2-54-148-57-212.us-west-2.compute.amazonaws.com

April 22, 2016

ec2-54-69-198-37.us-west-2.compute.amazonaws.com

April 22, 2016

ec2-54-69-11-66.us-west-2.compute.amazonaws.com

April 22, 2016

File downloads found at URLs served by www.newhostingmega.com.

0 / 68

http://www.newhostingmega.com/c?x=ni4k/H1gwCZyutrPT1Y6jtQt3h25nczErUtVMOryUzI=&c=N wcSIcu/GaToYRw1Dq1SUBjM8K/H7EuPH4U29N35VHH2qnLWN4l0VkXqp6e40vPmDmryx8DGZp a8xnYIrjdCL86bX0/dF9kkdWY4qcQjxNwrWTpTp/Inc6C8Z9dy9F&downloadAs=Programa-para-Bares_5701.exe&fallback_url=http://www.empresarialsoft.com/.../bares.exe (programa-para-bares_5701.zip)

1 / 68 (Adware)

http://www.newhostingmega.com/c?x=IMYok0/Y9UWNrufkYKp8quSrWhzTUr/7NjjJ8qiBs1E=&c=B9/IttlH/sjSRtD7ddiDVGiay1GmO1irm0sza2VytTB77/nS69mVm7Z XAw4dZ8f4/W3Xf5wBIOGOxh59ArMUgAXcA495dpA5cOUNgFphv94vAJQQve0YQw77V4VMplR&downloadAs=Mamae-Que-Nos-Faz.zip&fallback_url=http://www.sofontes.com.br/files/.../Mamae-Que-Nos-Faz.zip (setup.exe)

1 / 68 (Adware)

http://www.newhostingmega.com/c?x=f84iyp9Ax2ctkbWsPpYmem1bspKaHE1uVc2D2/ y/60=&c=0V5rqzrK2UoR2SPYyrVlsA MqJmDMtplBm/37gV9M2xcyxs4PLbVqiZf kuIIuU0l5xqHg mBDrW4OIz758uuz5I8s2eKd2odPdLq/A07a2ZfuXFw31O9Cfn1Vt65b/1&downloadAs=Ares-Galaxy_231.exe&fallback_url=http://files.ultradownloads.com.br/.../5006-Ares-2_3_1.exe (b5ba9487bad62f6e7ee62f1882377885)

The following 6 files have been seen to comunicate with www.newhostingmega.com in live environments.

TCP » 52.24.26.116:443

online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443

online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443

036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.24.26.116:443

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443

Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.