home

www.sharecapitalclear.com

Domain Information

Server location:
Washington, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:
sharecapitalclear.com

Scanner detections:
Malware distribution  (96% detected)

Scan engine
Details
Detections

ESET NOD32
Win32/InstallCore.AEO.gen potentially unwanted application, Win32/InstallCore.AFN.gen potentially unwanted application, Win32/InstallCore.ACY.gen potentially unwanted application, Win32/InstallCore.AFW potentially unwanted application, Win32/InstallCore.AFY potentially unwanted application, Win32/InstallCore.AFO.gen potentially unwanted application, Win32/VB.QQC trojan, Win32/Sality.NAR virus, Win32/InstallCore.ACP.gen potentially unwanted application, Win32/Sality.NBA virus, Win32/Agent.NAG virus
81.63%

avast!
Win32:Malware-gen, Win32:SaliCode, Win32:Sality, Win32:FileInfector-A [Heur], Win32:Kukacka, Win32:VB-OJQ [Wrm], Win32:Patched-JI
63.27%

F-Prot
W32/Sality.gen2, W32/VB.AD.gen, W32/Sality.AK, W32/Sality.E.gen, W32/Virut.AI!Generic, W32/Slugin.B
57.14%

McAfee
Artemis!05BA2C8937AA, Artemis!0FD3D2207301, Artemis!0756591F5975, Artemis!6102F6BBEB39, Artemis!01F7F52C5EE3, Artemis!57C8EDE2C92A
55.10%

Kaspersky
Virus.Win32.Sality, Trojan-Dropper.Win32.VB, Trojan.Win32.Agent, Virus.Win32.Slugin
55.10%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A, Threat.Undefined
53.06%

Dr.Web
Trojan.InstallCore.1683, Trojan.InstallCore.1681, Trojan.InstallCore.978, Adware.InstallCore.653, Win32.Sector.30, Win32.Sector.22
48.98%

Norman
Win32.Sality.3, Trojan.Generic.8613015, Win32.Sality.OG, Win32.SlugIn.A
42.86%

Reason Heuristics
Adware.Bundler (M), Threat.Win.Reputation.IMP
40.82%

F-Secure
Application:W32/Generic.70053c248f!Online, Win32.Sality.3, Trojan.Generic.8613015, Win32.Sality.OG, Trojan.Heur.VP2.HmNfaiFex0fi
38.78%

Emsisoft Anti-Malware
Win32.Sality, Trojan.Generic.8613015, Win32.Sality.OG, Gen:Trojan.Heur.VP2.HmNfaiFex0fi, Win32.SlugIn
38.78%

AVG
Win32/Sality, Win32/Slugin.A
36.73%

AhnLab V3 Security
PUP/Win32.Downloader
16.33%

VIPRE Antivirus
Threat.4150696, Trojan.Win32.Generic, Threat.4721115, Threat.416209
16.33%

Rising Antivirus
PE:Malware.Generic/QRS!1.9E2D [F], PE:Adware.InstallCore!1.A30C [F], PE:Malware.Generic(Thunder)!1.A1C4 [F]
10.20%

The domain www.sharecapitalclear.com has been seen to resolve to the following 86 IP addresses.

52.84.125.79
server-52-84-125-79.iad16.r.cloudfront.net
August 22, 2016

52.84.125.75
server-52-84-125-75.iad16.r.cloudfront.net
August 22, 2016

52.84.125.31
server-52-84-125-31.iad16.r.cloudfront.net
August 22, 2016

52.84.125.4
server-52-84-125-4.iad16.r.cloudfront.net
August 22, 2016

52.84.125.217
server-52-84-125-217.iad16.r.cloudfront.net
August 22, 2016

52.84.125.114
server-52-84-125-114.iad16.r.cloudfront.net
August 22, 2016

52.84.125.102
server-52-84-125-102.iad16.r.cloudfront.net
August 22, 2016

52.84.125.90
server-52-84-125-90.iad16.r.cloudfront.net
August 22, 2016

52.84.125.43
server-52-84-125-43.iad16.r.cloudfront.net
August 18, 2016

52.84.125.11
server-52-84-125-11.iad16.r.cloudfront.net
August 18, 2016

52.84.125.239
server-52-84-125-239.iad16.r.cloudfront.net
August 18, 2016

52.84.125.160
server-52-84-125-160.iad16.r.cloudfront.net
August 18, 2016

52.84.125.95
server-52-84-125-95.iad16.r.cloudfront.net
August 18, 2016

52.84.125.92
server-52-84-125-92.iad16.r.cloudfront.net
August 18, 2016

52.84.125.80
server-52-84-125-80.iad16.r.cloudfront.net
August 18, 2016

52.84.125.77
server-52-84-125-77.iad16.r.cloudfront.net
August 18, 2016

52.84.125.205
server-52-84-125-205.iad16.r.cloudfront.net
August 3, 2016

52.84.125.201
server-52-84-125-201.iad16.r.cloudfront.net
August 3, 2016

52.84.125.148
server-52-84-125-148.iad16.r.cloudfront.net
August 3, 2016

52.84.125.120
server-52-84-125-120.iad16.r.cloudfront.net
August 3, 2016

52.84.125.96
server-52-84-125-96.iad16.r.cloudfront.net
August 3, 2016

52.84.125.37
server-52-84-125-37.iad16.r.cloudfront.net
August 3, 2016

52.84.125.20
server-52-84-125-20.iad16.r.cloudfront.net
August 3, 2016

52.84.125.227
server-52-84-125-227.iad16.r.cloudfront.net
August 3, 2016

52.84.125.47
server-52-84-125-47.iad16.r.cloudfront.net
July 17, 2016

52.84.125.44
server-52-84-125-44.iad16.r.cloudfront.net
July 17, 2016

52.84.125.215
server-52-84-125-215.iad16.r.cloudfront.net
July 17, 2016

52.84.125.210
server-52-84-125-210.iad16.r.cloudfront.net
July 17, 2016

52.84.125.196
server-52-84-125-196.iad16.r.cloudfront.net
July 17, 2016

52.84.125.126
server-52-84-125-126.iad16.r.cloudfront.net
July 17, 2016

 
Showing 30 of 86 IP Addresses

File downloads found at URLs served by www.sharecapitalclear.com.

0 / 68
http://www.sharecapitalclear.com/.../installer.exe  (15cbba8e284b0c0caccedd6491c7f440)

The following 74 files have been seen to comunicate with www.sharecapitalclear.com in live environments.

TCP » 52.84.125.146:443
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.85.142.51:443
UCBrowser.exe (by UCWeb)

TCP » 52.85.142.216:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.75:80
browser.exe (speed browser by Smart Applications)

TCP » 52.84.125.47:443
apptrailers.exe

TCP » 52.84.125.126:80
crossbrowse.exe (Crossbrowse)

TCP » 52.84.125.79:80
se.exe

TCP » 52.84.125.95:80
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 52.85.142.135:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.79:443
citrio.exe (Citrio by CatalinaGroup)

TCP » 52.85.142.216:80
Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.85.131.30:443
browser.exe (Browser)

TCP » 52.84.125.239:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 52.84.125.126:80
se.exe

TCP » 52.85.142.216:80
Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.84.125.126:80
browser.exe (Browser)

TCP » 52.85.142.98:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.116:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.176:443
citrio.exe (Citrio by CatalinaGroup)

TCP » 52.84.125.11:80
UCBrowser.exe (UC Browser by UCWeb)

 
Latest 20 of 272 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.