home

www.repositoryvaultsbody.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
repositoryvaultsbody.com

Scanner detections:
Detections  (93% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.InstallCore.FC.Installer (M), PUP.InstallCore.11 (M), Adware.Bundler.Meta (M)
100.00%

The domain www.repositoryvaultsbody.com has been seen to resolve to the following 20 IP addresses.

54.148.183.210
ec2-54-148-183-210.us-west-2.compute.amazonaws.com
August 7, 2016

52.41.114.34
ec2-52-41-114-34.us-west-2.compute.amazonaws.com
August 7, 2016

52.10.159.134
ec2-52-10-159-134.us-west-2.compute.amazonaws.com
August 7, 2016

54.200.224.121
ec2-54-200-224-121.us-west-2.compute.amazonaws.com
August 7, 2016

54.191.246.249
ec2-54-191-246-249.us-west-2.compute.amazonaws.com
June 19, 2016

54.149.195.20
ec2-54-149-195-20.us-west-2.compute.amazonaws.com
June 19, 2016

52.38.209.219
ec2-52-38-209-219.us-west-2.compute.amazonaws.com
June 19, 2016

52.33.46.229
ec2-52-33-46-229.us-west-2.compute.amazonaws.com
June 19, 2016

52.32.12.104
ec2-52-32-12-104.us-west-2.compute.amazonaws.com
June 19, 2016

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 16, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 16, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
April 21, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
April 19, 2016

52.26.95.11
ec2-52-26-95-11.us-west-2.compute.amazonaws.com
April 19, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
April 11, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
April 11, 2016

52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
April 11, 2016

52.34.170.106
ec2-52-34-170-106.us-west-2.compute.amazonaws.com
April 11, 2016

52.25.23.136
ec2-52-25-23-136.us-west-2.compute.amazonaws.com
April 11, 2016

54.191.37.5
ec2-54-191-37-5.us-west-2.compute.amazonaws.com
April 11, 2016

File downloads found at URLs served by www.repositoryvaultsbody.com.

1 / 68      (PUP)
http://www.repositoryvaultsbody.com/WVl6OTRQVmxQTlVVeVZUUTVOMXBwYUdkM056aEtWamQzY1VOd2IwczNaMEZwTmtWUVVGQlJSa1poUWlVeVFsYzBWU1V6UkNaalBXUXlkMk5pVTBzeVZXNTNUV1YyVm14VVZXa2xNa1pPTms1RVF6Qm1abEU1Y1VWMEpUSkNNM2h1WVRaa05rd2xNa0lsTWtaU1pFUTBPVFYxUkVSUE5VNVFOVmRKYnpRMFZVWnhSRGRVY1RFMEpUSkNNWGRUVDJSb2RHdHFOV040UjJkTGQzWlRSMVpxWm5ReGVFWjZiekpQUVRSd1FWUWxNa1puTVRRemIxZG9PVGRtT0dSdmVqSnlkV1pZSm1aaGJHeGlZV05yWDNWeWJEMW9kSFJ3Y3lVellTVXlaaVV5Wm0xcGNtbHNiR2x6TG1OdmJTVXlabVpwYkdWekpUSm1ZV04wYVc5dVh6RmZNekJmTUY5elpYUjFjQzVsZUdVbVpHOTNibXh2WVdSQmN6MUJZM1JwYjI0dE16TTJPREF0WkhBdVpYaGw=  (action-33680-dp.zip)

0 / 68
http://www.repositoryvaultsbody.com/WVl6OTRQV1ZCVFVveFIzVldjbTVMVFRsTGJFTnRXbEZMTlZNMFVYTlNaMlZPWldaUmNEZ3pWRVprY3paU1Uyc2xNMFFtWXoxNmVGazFRMll4TUNVeVFsUkNNa2RWYTNSb05VTkROelEzVUU1TVIydzFOekJUWkVrek56aE5KVEpHUm10YVRFNXNRVFpHTURGdFEzVTRaRlpYTTJWdlpsRmFlbEpYWTJsMU5HRlZOVWMwYTBWeVZ6WmxabWROSlRKQ1psUnljRko2V1ZOTWNEaFdiazRsTWtKT1RscEpXSFpSY2tKMFExSm9TazlOVFZsc1pFMXZVbkpGUmtWeUptWmhiR3hpWVdOclgzVnliRDFvZEhSd0pUTmhKVEptSlRKbVpuUndMbUZrYjJKbExtTnZiU1V5Wm5CMVlpVXlabUZrYjJKbEpUSm1jbVZoWkdWeUpUSm1kMmx1SlRKbU1URXVlQ1V5WmpFeExqQXVNREFsTW1ad2JGOVFUQ1V5WmtGa1ltVlNaSEl4TVRBd01GOXdiRjlRVEM1bGVHVW1aRzkzYm14dllXUkJjejFCWkc5aVpTMVNaV0ZrWlhJdFdFa3RNakUxT1RBdFpIQXVaWGhs  (adobe-reader-xi-21590-dp.zip)

1 / 68      (Adware)
http://www.repositoryvaultsbody.com/c?x=ULtZN6oDffla2GFHEMUaOpPC1LJr1FRmIN08YLHNfA8=&c=wLMjG5ioQnJ6LzajB8jbo5adti9iW8QTiLzIiJTf9dWYHHgvM68pTppk1CGgbRIX NY0lIHnU2BnmXzFa/YW/PeUsyaECv8f1CEIAbcnONs58qjjjLglsG96TmHxEGJy&fallback_url=http://get.geo.opera.com/pub/opera/desktop/35.0.2066.92/.../Opera_35.0.2066.92_Setup.exe&downloadAs=Opera-12614-dp.exe  (56ac583ba0712abb2337854c79d90650)

1 / 68      (Adware)
http://www.repositoryvaultsbody.com/c?x=Y 8vo2V/WQTG GvTSv049DnrC2Gm8ThUjVLmrr8uu M=&c=jB8xR/kYibsb0xpgFYvraqMiPDmup4X6XcRRixt96WgUBEMhm3pLKCgduBnin Pm3dNjEbv/SoqhgFCAqbHV4t5W6kSmOYgy8/IPPgl07hemv2i0fPp8KosvvNpbsP6B&fallback_url=http://bullzip-website.bullzip.netdna-cdn.com/download/.../Setup_BullzipPDFPrinter_10_23_0_2529_FREE.exe&downloadAs=Bullzip-PDF-Printer-12736-dp.exe  (6b184c8aa95a96923fc0e709b618bd93)

1 / 68      (Adware)
http://www.repositoryvaultsbody.com/c?x=1M8aVZ1teupHMuUDl46dSAWfJIcaANAw6JudIlY mvY=&c=vIWLkjMGRxeZl/D25Thg1nFNdfxSkB9PoSCDUXTMkIWzf3FnRBFbqup71lE1cYMK4AOjQ3YsFKAGC7vvlPaMfy3cQrQphury0ImAvayQlAjboeVBIbyCQaDPm9FHXL14&fallback_url=http://www.dopdf.com/download/.../dopdf.exe&downloadAs=doPDF-15410-dp.exe  (8d8fad8c9d1ba648cf24aba30c90b007)

1 / 68      (Adware)
http://www.repositoryvaultsbody.com/c?x=UdIhsVrsIAWu30cB5NLwA0lkSCN4ss3OGz/LCd7bkqo=&c=dTj7oCJ6 dunJLDixDSfED4LGEBHDIHLittTuK87Er2tEUm7iFfgAj8UCH9N4vUW4 iD2hNsFJtjpMuzb0PML0MYxn2EhN99AeQ80DC/xlPk/KqsX8ObhMYtjHElZBIv&fallback_url=http://ftp.task.gda.pl/site/.../OOo-3.4.4-1-Win32-ux.pl.exe&downloadAs=OpenOffice.ux.pl-12944-dp.exe  (4cb5ce61c13cf6099caee52b376b9881)

1 / 68      (PUP)
http://www.repositoryvaultsbody.com/c?x=9ofpMbjOWwds7q4kf7BPGgpvtHQdgwbe8S25j6i0JqI=&c=P8XJirjreyWZc F5oTCk1J2WAezK7dGrJZyPu4B EPS0PFTys 2hhWniLTD75tz2iPdmk1Lu PE0TsF3QT79t3Y12G2riuX9SrXEoxZGccddMnQvA6r6 E8ckbLxz0oQ&fallback_url=http://www.admuncher.com/static/.../AM-Install.exe&downloadAs=Ad-Muncher-58614-dp.exe  (bd2c0036fa4e5f28a4b6293aa7f6f4f3)

1 / 68      (Adware)
http://www.repositoryvaultsbody.com/c?x=lONLvSO dYYMq9SaoRaFzOyDpKDcsLLASTV7RET d80=&c=tZI2GH8iXRciUMvpp1KklS7IlPqotOKILVNJsHCSngl2320i6OXmu6cCEJUNOAjRUxjq3rh3fhr7 W0t2BWa UZoknBldPy5aUTfuIdaA7ToIVKg2juuUWozHHoN7P39&fallback_url=http://dpstorage.pl/.../iview441_x64_setup.exe&downloadAs=IrfanView-12867-dp.exe  (635160c2387a68d6b7acc1513356d6cb)

1 / 68      (PUP)
http://www.repositoryvaultsbody.com/c?x=sEbl xq7LFWw3/691qlDIhKdxDhbXbfWfhvuwrblY8I=&c=M1LW01RLNNRH1yb4n5nsEG0ExHqQY4JT283x0mAxPikHoEamw6 CMAAC5UVkxeoX6/BJ4NjHbkYPavCaaR5ll3LiNB9xwsgXISOJopg8fmsF8qa7pPFmL6YVud4DcnGI&fallback_url=http://www.bluesoleil.com/download/.../IVT_BlueSoleil_10.0.492.1.zip&downloadAs=BlueSoleil-30571-dp.exe  (47346fa265e092a56122ed61f7f48f85)

1 / 68      (Adware)
http://www.repositoryvaultsbody.com/c?x=KQjwVgRsRXzfRsYVYRQIzkckh/SzYY8N02Ca8yK1UUo=&c=I4nIr78tkf8xmgp9zIhy00wLyh0muxcM4WJpWQMI/TJ14VfNrm NeedGIaiXDI4JmS3mrKLgTqto47mTmO1ZUogHieecT/FoLV5OIg0YB uXx3CVWUIDOR4fvgBOY4Af&fallback_url=https://ftp.mozilla.org/pub/firefox/releases/44.0.2/win64/.../Firefox Setup 44.0.2.exe&downloadAs=Firefox-13108-dp.exe  (272a8ce3ed6c696a6943db30ce4131b7)

1 / 68      (Adware)
http://www.repositoryvaultsbody.com/c?x=rd2Jb5cdfi9Q/zcsEParTonDbjdv0ihNrFDFwgbdXec=&c=nKYKO 4Ri khtbcfvB 4QerDHTNmDmC0ERcib4VaUtZMh6YgPZ9o7Y0RrqF6CkGgLeEqclm2/T1IANGU6yiFuoJtc8W8tehL1CpF XE/idnCMmd0HmG9U/64kwKPWqjA&fallback_url=http://pity.elfin.pl/pliki/Jupiter/Jupiter2015/std/.../Jupiter2015_std_1.0.4.exe&downloadAs=Elfin-Jupiter-Standard-17246-dp.exe  (ba3bd2467a3e0bb506932143afc6b4e0)

1 / 68      (Adware)
http://www.repositoryvaultsbody.com/c?x=fT8b/FLxagcNrwXoET1j2hrCUKDaUyMCzIE3ewcuTI8=&c=aUys/eqd4rwhItNNADPeajDy7RXEzO27m2lF80ZmckAIO5QIpEPIwF8b0DH/5HK9y6JSDgX7Ffl4g5zOFtKUj3w7/mfzI5 a3ReQByZThIOnjo9D2BrX7ucv7rL8yuN1&fallback_url=http://fpdownload.adobe.com/get/flashplayer/pdc/.../install_flash_player.exe&downloadAs=Adobe-Flash-Player-13091-dp.exe  (2aede00942cd0ce5ceee500fee10f13d)

1 / 68      (Adware)
http://www.repositoryvaultsbody.com/c?x=F3XCznztU7ZGVgSUVmzsXz24aiiCni0JkS aS0LoaZI=&c=v o99msXE dV1JAkyOzC1xXMeXaNdVeljC6vmRZprKCtU7JhKhlup3USx0wTgW7rqxMVqXM82CqiUn4bwaiNprgTLlIKh oS9De2bXQUq39tvjXiAXaUS4zSulv6Qt7m&fallback_url=http://www.philipp-winterberg.com/.../InstallFreeRARExtractFrog.exe&downloadAs=Free-RAR-Extract-Frog-33828-dp.exe  (9ec7cd297cb1728a59fcfb9262d63ced)

1 / 68      (Adware)
http://www.repositoryvaultsbody.com/c?x=TJ3shQARdvEK4Xxv4yCB4FuNeszPMRLQ0YlbFTKtccY=&c=0doFq0Q OQmVUNGtv4OxMtOqVfwuj5XGAV0Phyhh4Ms7HQD0dAG2L7EUpu VVyL9Es3UDTPSzOzhNoNu JKkiTEHHkf0fNlPGHntklziBwaIOsG4NJ0JeIzpf0DWs8 h&fallback_url=http://pc001.update.www.cmcm.com/file/.../cleanmaster_12_1.exe&downloadAs=Clean-Master-58274-dp.exe  (dd68fc52c6870804f48d93da8f58de63)

The following 36 files have been seen to comunicate with www.repositoryvaultsbody.com in live environments.

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.33.46.229:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 54.200.224.121:80
browser.exe (Browser)

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 54.200.224.121:80
kometa.exe (Kometa by @COMPANY_FULLNAME@)

TCP » 52.38.209.219:80
browser.exe (Browser)

TCP » 52.33.46.229:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 54.200.224.121:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.200.224.121:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 54.200.224.121:80
browser.exe (Browser)

TCP » 52.33.46.229:80
Client.exe

TCP » 54.200.224.121:80
kmplayer_3.8.0.123.exe.exe (The KMPlayer by PandoraTV)

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.33.46.229:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 52.33.46.229:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

 
Latest 20 of 77 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.