home

www.trackcash.org

xi an dianyi xinxi jishu youxian gongsi

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Belfast, Northern Ireland within United Kingdom which resides on the RIPE Network Coordination Centre network.
Registrar:
GoDaddy.com, LLC

Server location:
Northern Ireland, United Kingdom (GB)

Root domain:
trackcash.org

Whois:
2 trackcash.org records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.SquareNetworkTechCoLTD.O, PUP.GuangzhouShibeiInformationTechnologyCo.O, PUP.PluginUpdateSL.O, PUP.XianDianyiInfoTechCoLtd.O, PUP.SquareNetworkTech.Bundler (M), PUP.GuangzhouShibeiInformationTechnologyCo (M), PUP.SquareNe.Bundler (M), PUP.Softpulse.PluginUp.Bundler (M), PUP.Guangzho (M), PUP (M), PUP.Softpulse (M)
100.00%

McAfee
PUP-FAU, SquareNet, SoftPulse, Program.SquareNet, Program.PUP-FAU
75.51%

avast!
Win32:Malware-gen, Win32:Adware-gen [Adw], Win32:Rootkit-gen [Rtk], Win32:SoftPulse-W [PUP], Win32:Trojan-gen
75.51%

K7 AntiVirus
Trojan , Unwanted-Program , Riskware
73.47%

Agnitum Outpost
Riskware.Agent, PUA.Downloader
73.47%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4150696, Threat.4783235, Threat.4895341
73.47%

Avira AntiVirus
APPL/SquareNet.AO, TR/SquareNet.A.1, APPL/SquareNet.A.2, APPL/Downloader.Gen, APPL/VOPackage.agee, APPL/Tool.SquareNet.26
73.47%

Sophos
Square Network Installer, PUA 'Square Network Installer' (of type Adware)
71.43%

G Data
Application.Bundler, Win32.Application.Bundler, Gen:Variant.Graftor.150280, Application.Bundler.TrackCash, Gen:Variant.Application.Bundler
71.43%

ESET NOD32
Win32/SquareNet.A potentially unwanted application, Win32/SquareNet.C potentially unwanted application, Win32/SoftPulse.J potentially unwanted application
71.43%

IKARUS anti.virus
PUA.Bundler, PUA.SquareNet, AdWare.BundleApp
71.43%

AVG
Adware BundleApp_r.N, Generic
71.43%

Panda Antivirus
Trj/Genetic.gen
69.39%

Malwarebytes
PUP.Optional.MultiPlug.A, PUP.Optional.Squarenet, PUP.Optional.Downloader, PUP.Optional.SquareNet, PUP.Optional.Tracker
67.35%

Dr.Web
Adware.Downware.4148, Adware.Downware.5721, Trojan.Starter.3337, Trojan.Starter.3342, Adware.Downware.6701, Adware.Downware.5904
67.35%

The domain www.trackcash.org has been seen to resolve to the following 9 IP addresses.

92.242.140.21
unallocated.barefruit.co.uk
May 3, 2015

54.183.232.245
ec2-54-183-232-245.us-west-1.compute.amazonaws.com
November 10, 2014

54.183.36.188
ec2-54-183-36-188.us-west-1.compute.amazonaws.com
November 10, 2014

54.183.57.32
ec2-54-183-57-32.us-west-1.compute.amazonaws.com
September 3, 2014

54.215.197.169
ec2-54-215-197-169.us-west-1.compute.amazonaws.com
September 3, 2014

54.241.181.47
ec2-54-241-181-47.us-west-1.compute.amazonaws.com
August 17, 2014

54.193.81.121
ec2-54-193-81-121.us-west-1.compute.amazonaws.com
August 17, 2014

54.183.161.212
ec2-54-183-161-212.us-west-1.compute.amazonaws.com
August 17, 2014

184.169.217.192
ec2-184-169-217-192.us-west-1.compute.amazonaws.com
July 3, 2014

File downloads found at URLs served by www.trackcash.org.

1 / 68      (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=13232&aff_id={placement_id}&transaction_id={id}  (java_installer.exe)

30 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=13232&aff_id=20749&transaction_id=9d1db20f-c5db-4d23-95cd-b492f88ddeae  (java_installer.exe)

27 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=16526&aff_id=13166&transaction_id=d4cfc09f-1331-421f-ac95-41e05045a502  (java_installer.exe)

20 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=17633&aff_id=13166&transaction_id=e5c321f8-6e6e-428b-901a-9f1eb9ff3a96  (java_installer.exe)

20 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=17633&aff_id=13166&transaction_id=4958d1c9-bd15-470e-8cd1-52fcdf3b77b6  (java_installer.exe)

20 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=17633&aff_id=13166&transaction_id=358a0cef-3832-46bd-a7a0-a4f8018c1281  (java_installer.exe)

28 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=17633&aff_id=13166&transaction_id=254d01b5-6292-4e4f-956c-1f8bf7125614  (java_installer.exe)

29 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=13232&aff_id=20749&transaction_id=9da66fef-7871-4cd9-8d0f-b986767fe641  (java_installer.exe)

27 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=100037&aff_id=20749&transaction_id=25991eb3-781f-4334-a334-fb86ea5184c9  (java_installer.exe)

28 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=13232&aff_id=13166&transaction_id=73d38ddd-077f-400f-81e6-cd1a1e976722  (java_installer.exe)

28 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=13232&aff_id=13166&transaction_id=deeb009a-1f98-449c-a2ae-e9d026e3c506  (java_installer.exe)

25 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=100037&aff_id=20749&transaction_id=f5f59afb-245a-47aa-8243-37617462d4cd  (java_installer.exe)

25 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=100037&aff_id=20749&transaction_id=4676812b-a969-4819-a49d-70e546076ab1  (java_installer.exe)

20 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=13232&aff_id=20749&transaction_id=21dfc6c5-fd99-4cc1-a033-d7cecbe3f282  (java_installer.exe)

22 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=13232&aff_id=20749&transaction_id=d5464e00-8298-4505-b857-862abb254d00  (java_installer.exe)

23 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=13232&aff_id=20749&transaction_id=74cb0a8d-8c97-4339-a390-aabd38e2c705  (java_installer.exe)

22 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=17633&aff_id=100031&transaction_id=3de96a2d-4297-4d6a-96c8-0c8aeffbb49a  (java_installer.exe)

20 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=17633&aff_id=100031&transaction_id=69c6da68-ce99-475c-82ba-2d7b4041489e  (java_installer.exe)

21 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=17633&aff_id=100031&transaction_id=c23fcfce-3881-43a1-9ed3-f2fff26d7bf5  (java_installer.exe)

29 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=16526&aff_id=6618&transaction_id=4af23fc4-a590-4b8f-881d-5076f7446fb9  (java_installer.exe)

18 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=17633&aff_id=100031&transaction_id=2ec10500-3e6f-49f0-a977-4d32b5e0be36  (java_installer.exe)

37 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=13232&aff_id=20749&transaction_id=7a0bbc19-45bb-401b-82eb-ebeb62a07c75  (java_installer.exe)

18 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=17633&aff_id=13166&transaction_id=05742e5c-7809-46c8-8dd0-6303490e7b2d  (java_installer.exe)

25 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=13232&aff_id=20749&transaction_id=04379ca4-2949-4998-aa0e-e753b3e6f5df  (java_installer.exe)

24 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=17633&aff_id=13166&transaction_id=0974a3ad-965c-4b29-a063-07e663d3dc28  (java_installer.exe)

19 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=13232&aff_id=20749&transaction_id=ad59dcf5-1627-4619-9795-f85c0ad8510b  (java_installer.exe)

25 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=13232&aff_id=20749&transaction_id=3bad50f3-898e-49b6-8548-c6debcf2b7e3  (java_installer.exe)

18 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=17633&aff_id=13166&transaction_id=0bb02257-d0f5-4ba1-9d15-5437e9e16fbf  (java_installer.exe)

26 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=100037&aff_id=11156&transaction_id=9cfe41d4-46cb-484e-b5e5-224bb9195827  (java_installer.exe)

24 / 68    (Adware)
http://www.trackcash.org/entry/.../index.html?offer_id=100037&aff_id=20749&transaction_id=63fa8ee2-1611-474c-8ef3-e5757d4a920d  (java_installer.exe)

 
Latest 30 of 185 download URLs

The following 232 files have been seen to comunicate with www.trackcash.org in live environments.

TCP » 92.242.140.21:80
smelled.exe (Smelled)

TCP » 92.242.140.21:443
dca-monitoring.exe (Compete DCA Monitoring Tool by Compete)

TCP » 92.242.140.21:80
marini.exe (Marini)

TCP » 92.242.140.21:443
client.exe (ClientWrapper)

TCP » 92.242.140.21:80
thebrowser.exe (TheBrowser by Goobzo)

TCP » 92.242.140.21:443
dca-monitoring.exe (Compete DCA Monitoring Tool by Compete)

TCP » 92.242.140.21:443
WindowService.exe (WindowService)

TCP » 92.242.140.21:443
ciuninstall.exe

TCP » 92.242.140.21:1866
jutched.exe

TCP » 92.242.140.21:443
dca-monitoring.exe (Compete DCA Monitoring Tool by Compete)

TCP » 92.242.140.21:80
masterupdater.exe

TCP » 184.169.217.192:80
vmhost.exe (vm file module)

TCP » 184.169.217.192:80
PastaLeadsService.exe (PastaLeadsService)

TCP » 92.242.140.21:80
pricemeterexpress.crx

TCP » 92.242.140.21:80
chrome.crx

TCP » 92.242.140.21:80
app-center.crx

TCP » 92.242.140.21:80
ntp.crx

TCP » 92.242.140.21:80
3dayinvite.crx

TCP » 92.242.140.21:80
twitter.crx

TCP » 92.242.140.21:80
viewlater.crx

 
Latest 20 of 232 files

Facebook:
Shares:  8

Statistics are for the previous month.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.