» www.todaydeliverybits.com
Overview
Analysis
IPs Addresses (13)
Downloads (12)
Network (23)

www.todaydeliverybits.com

Domain Information

Server location:

Oregon, United States (US)

ASN:

AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:

todaydeliverybits.com

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.InstallCore.AVSoftwa.Installer (M), PUP.InstallCore.RE11 (M), PUP.installCore.Gede.Installer.Meta (M)

91.67%

F-Prot

W32/Renamer.A.gen

8.33%

avast!

Win32:Agent-AODJ [Trj]

8.33%

Dr.Web

Trojan.Inject1.28681

8.33%

Emsisoft Anti-Malware

Worm.Generic.377772

8.33%

F-Secure

Worm.Generic.377772

8.33%

ESET NOD32

Win32/Delf.NRJ worm

8.33%

Microsoft Security Essentials

Threat.Undefined

8.33%

Norman

Worm.Generic.377772

8.33%

AVG

Worm/Delf.KHX

8.33%

McAfee

Virus.W32/Gnamer

8.33%

Kaspersky

Virus.Win32.Renamer

8.33%

The domain www.todaydeliverybits.com has been seen to resolve to the following 13 IP addresses.

ec2-52-33-46-229.us-west-2.compute.amazonaws.com

July 5, 2016

ec2-54-191-246-249.us-west-2.compute.amazonaws.com

July 5, 2016

ec2-54-186-99-90.us-west-2.compute.amazonaws.com

July 5, 2016

ec2-52-41-114-34.us-west-2.compute.amazonaws.com

July 5, 2016

ec2-52-32-12-104.us-west-2.compute.amazonaws.com

June 5, 2016

ec2-52-38-209-219.us-west-2.compute.amazonaws.com

June 5, 2016

ec2-52-33-165-25.us-west-2.compute.amazonaws.com

June 5, 2016

ec2-54-69-11-66.us-west-2.compute.amazonaws.com

May 22, 2016

ec2-52-88-159-85.us-west-2.compute.amazonaws.com

May 22, 2016

ec2-52-25-41-73.us-west-2.compute.amazonaws.com

May 22, 2016

ec2-52-24-26-116.us-west-2.compute.amazonaws.com

May 22, 2016

ec2-54-148-57-212.us-west-2.compute.amazonaws.com

May 22, 2016

ec2-54-69-198-37.us-west-2.compute.amazonaws.com

May 22, 2016

File downloads found at URLs served by www.todaydeliverybits.com.

1 / 68 (PUP)

http://www.todaydeliverybits.com/c?x=03qzXVskHvCuewfXw5nyRwzZ9oRgQmp9lrCsitnvFbQ=&c=DtOlWZJLRk67AwDqym8I3BTEyiM 0/AbGR4tNyZr CJ3h B9J1kK Vf7JIdSQoj8586VCKiCSEGCEBEMeHKvuiYuBJZlR7mYSRooRJHjVfuXuDS9 qZcQdXDJxiBQyX1&downloadAs=TekniQ_Drizzik_And_S.exe&fallback_url=http://.../get.php?file=f9570d9a&m3 (icreinstall_tekniq_drizzik_and_s.exe)

1 / 68 (PUP)

http://www.todaydeliverybits.com/c?x=SNwvq8oVxhdlTriHgX02J5GJD/HkDLfA3NmCABtJk9I=&c=ntpJhWd1oF42SxpzCFirhzhY6XZpNMICzIxQhyOSBmZh43jQeomUcCmgOBji80LKn v fQr5UFurwaeJFNca9YBi7d3MiRoTFnv6NBjMLTE6g5TRChmUV8FQXK7stpNc&downloadAs=setup.exe&fallback_url=http://.../setup1.19.exe (79439972b043fdcd833719c366b52ec8)

1 / 68 (PUP)

http://www.todaydeliverybits.com/c?x=gD7j5jElMFRslIcUjaPtReEUno/Tlh8OAxgF6Rprads=&c=EvzpgEjeCI6aDpAACFrqc00OV4nypKhFbnPoje44pSd/ic4mYi7JfCVyUYCQwr rFrbmnlLSsO5gI2nyHvdscMlKRWFEkBLQ9j1gHedVFVPAkSqhj9PhTV5 E7ePOYND&downloadAs=setup.exe&fallback_url=http://.../setup1.19.exe (babc70a1d6eb4d2b52500cf9f7bec473)

1 / 68 (PUP)

http://www.todaydeliverybits.com/c?x=CYx8/iLsttdaxFvRtEC0gtXUy4NNfnzQfMW26cIpH2E=&c=NgAo1OTdMLNI83adNGHypRNFqy1H LuZIcibGl87hsoD7wJzjqiToROSVGF7WIGoic/3in8qO8YQiCXk1D QoT/YfxyapbDyaVqBWtdySJpgKN9QEmKBOEC586zpCIie&downloadAs=WL-222-link.exe&fallback_url=http://www.eveofjustice.com/.../WL2.2.2-link.zip (icreinstall_c.exe)

1 / 68 (PUP)

http://www.todaydeliverybits.com/c?x=eLg2iCbQIg1yJsWyIMVDlX5GQ2Q/wk6BNQPqOQXg1io=&c=O8vdtFN7GOLekTn7KvZksSiJpizj/O/7 RDb0FiDFJCfL0dfzZj0ed1R/ZtuFKal8Onr2waOldt6G06FA/PFaLvcgIH9EqZJEBE1QLBWIaRHeAbYgqwxFrDixR3mapuv&downloadAs=SetUp.exe&fallback_url=http://.../setup1.19.exe (ff1c193a239caaf6f7355297a17e0773)

1 / 68 (PUP)

http://www.todaydeliverybits.com/c?x=ePxDra05dEp4D4MveICWML2PmZQPIzQHcyKEIMBNrXo=&c=W4hMOtiRCi7B4hH xijAh0PhBYgl 7w oA55K3Q941wJEXJdjRbUIRB4X Vmns5Tbc NwFV82E05D59ihpnGzullULB A6PScBkpgqVcv7gm7UNOw2y3SdO1WLzoFjiY&downloadAs=Burn4Free_DVD_Copy.exe&fallback_url=http://.../burn4free-setup-silent.exe (f4b0c6d6995adf0072061b092bb38818)

1 / 68 (PUP)

http://www.todaydeliverybits.com/c?x=8iRjnOrs/TrumXkopLhGSqCqbpXkgreS3vcKm2xwGis=&c=2Sj/g3maeTupEc4cYfWJeskqMhu5NpNuSB 7mwZs0Wid2rDe2m63ov6ThR41Zvy8imvxSKroRxfNpEZTcd99hx2pwAKusFx2v1bcA7iXQhXBQa5MIA9QNAi0DTPbOON9&downloadAs=All_MTK_USB_Driver_2.exe&fallback_url=http://.../get.php?file=b7ff7524&m3 (5471d79d9fd5df908710474a3bf4134d)

1 / 68 (PUP)

http://www.todaydeliverybits.com/c?x=jw217HwZ1mlhV1kOC9H33VNQqqOalcTHzqo6ovX32q4=&c=gD283vUCk71AVlw90 C4KRh1WQNiSwQA97fkMEJaNu26pEMsnGXH2BeXmLjaqCmQTOf0L Z15v9D27NN1pluWxd5aIc8BvyjjQlMnIjoSSFt/rRgmplyH Ta3Npo6V3h&downloadAs=DBS40INDO-480p-SAMEH.exe&fallback_url=https://s01.solidfilesusercontent.com/OWI5NjUxNmYwMDc4NzliOWQ2NTIxZGNmZjgxMzdjMGI5YTNiMTNmNzoxYXVjZE86c2tRUnJoV0pDMWU5XzBGUWdTR3hrNWg0d1Qw/.../DBS40INDO-480p-SAMEHADAKU.NET.mkv (c.exe)

1 / 68 (PUP)

http://www.todaydeliverybits.com/c?x=rCdZxGMGDzAgPR9kxSbPf0pa5twvAVSLXZeoNV7dpUY=&c=xPJf9h6t60APUDTAPsVGePKOUugDlLFswt0GF6tz1FIg6j757MLXq0XVyrDVeJ/oB5BzY3fj4EW4ArLH9h2/YI57b6hh526HKhkH8C5sd2/rKnf/nOm9L0cM0R/n7ccb&downloadAs=CorelDRAW_Graphic_Su.exe&fallback_url=http://.../get.php?file=174d3773&m3 (6220a8dcfee885940627afc059eb2200)

1 / 68 (PUP)

http://www.todaydeliverybits.com/c?x=Q6dDjbZDEghEG5rk4DBq5m7n5k45 eExnXXwCn2K3y0=&c=jUlX/6cvyl wh4kY6M1Y7LydoApxDQ6fQdhVQcYSzNOKAR743npkvDJdmzAiOhMc9P5acHAaZoLgBXJ9w7JrvMogIA/Zzr4Sp4s10TtxzGZ/jwd3vMdMwO3qXBrOwoRA&downloadAs=MorphVOX_Pro_Addons.exe&fallback_url=http://.../get.php?file=fe4228c3&m3 (4d1568aa8fed8482825fad9883767e05)

11 / 68 (Malware)

http://www.todaydeliverybits.com/c?x=z289sBZr56jvPLI5KtLMp/YRkq7bLIQy0ev7XQHWv9Q=&c=rZA/bUV9r57ZwhYyDi4Fusnynw4Zk2zYQcBx3nedPnT/EDBQwr0gOM64YqkAjhTqP/xkZ8k5AOdmebsQGy3gvTdUXr9rL8xFLTotOzCTaw4DjLs4k PfR7Z9dhfDX0kj&downloadAs=FT245INDO-1080p-SAME.exe&fallback_url=https://s04.solidfilesusercontent.com/YzEyNGM5N2Q3M2IyMGY5MjE0OGZhNDhiM2Y2MzgwZjIzYTI5NDQyMjoxYXVhbUY6VEozT1hBRFdTZGhmRVRiM2NvTFduNTk0aGtj/.../FT245INDO-1080p-SAMEHADAKU.NET.mkv (2c2d191cc80fc7264745ac019603b5d5)

1 / 68 (PUP)

http://www.todaydeliverybits.com/c?x=J4 gy2ET4EFB2wMjthY//i9ro0i96nUUXvZ8Rqf4kuI=&c=mh4VakJ7RMR9hbHM8ogCtexRYxS5P2QNxiWzHHN2seKWtseuXsGxsO/ ISvKAUj1elH3lC60GrOguLzVikTGQdK4I DCHXWa4mWUxeKd X5nJJO7TfMSSpip2BvXhAyh&downloadAs=movak_badgirl_eardru.exe&fallback_url=http://.../get.php?file=7736d3be&m3 (ffb01cc8ed780ae5e1ec70017be1aec4)

The following 23 files have been seen to comunicate with www.todaydeliverybits.com in live environments.

TCP » 52.38.209.219:80

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.33.46.229:80

browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80

browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.24.26.116:443

online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443

online-guardian-v2.0.9.exe

TCP » 52.38.209.219:80

browser.exe (Browser)

TCP » 52.33.46.229:80

citrio.exe (Citrio by CatalinaGroup)

TCP » 52.33.46.229:80

TCP » 52.24.26.116:443

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443

036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.33.46.229:80

ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 52.33.46.229:80

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80

browserair.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80

3.9.0.128_20140916045038.exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80

TCP » 52.24.26.116:443

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443

Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

TCP » 52.38.209.219:80

Latest 20 of 59 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.