home

www.updatebundlesflash.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
updatebundlesflash.com

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.InstallCore.Bundler (M), PUP.InstallCore.Installer.Installer (M), PUP.InstallCore.Softwarelite.Installer.Meta (M), PUP.InstallCore (M), PUP.InstallCore.FC.Installer (M)
100.00%

ESET NOD32
Win32/InstallCore.AFS potentially unwanted application
8.33%

The domain www.updatebundlesflash.com has been seen to resolve to the following 13 IP addresses.

52.38.209.219
ec2-52-38-209-219.us-west-2.compute.amazonaws.com
June 5, 2016

52.33.165.25
ec2-52-33-165-25.us-west-2.compute.amazonaws.com
June 5, 2016

52.32.12.104
ec2-52-32-12-104.us-west-2.compute.amazonaws.com
June 5, 2016

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 26, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 26, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
May 26, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
May 26, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
April 6, 2016

52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
April 6, 2016

52.34.170.106
ec2-52-34-170-106.us-west-2.compute.amazonaws.com
April 6, 2016

52.25.23.136
ec2-52-25-23-136.us-west-2.compute.amazonaws.com
April 6, 2016

54.191.37.5
ec2-54-191-37-5.us-west-2.compute.amazonaws.com
April 6, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
April 6, 2016

File downloads found at URLs served by www.updatebundlesflash.com.

2 / 68      (PUP)
http://www.updatebundlesflash.com/c?x=cW93 vqN jcuHkszeOE0CYYgpjSbRn8/BtwGLo4Y2To=&c=8cLqZzzyoW48LfSCoI6Qx7TC9VPtrVL3DcCdy3qZ/ZMg8OQqhtvRfExilNG/IAK74c53ML58VUc0NkVaJrGMQFO7DyHnJlYpmqVZNwIWVDfl j05jXjuYH4piNv9hjHG&downloadAs=installer_ares_Spanish.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=90.74.47.109&countrya2=ES&partner=SEO&origen=SEO&program=Ares&3dparty_channel=SEO00Z9e110414de8ce21c7730e78acdf934a1&ou=http://ares.com.es&du=http://download.instseo.com/installers/down.php?key=8f57f&new=y&hostname=ares.com.es&url_download=&software=Ares&country=ES&lang=es&tb=babylonnewv4&langutf8=Spanish&addfavorites=n&premium_url=http://pf.vitplatform.com/crawled_soft/2/2/22461-682862-ares.exe&partner_keyword=SEO&p2p=0&logourl=/icoinstall/programs/icono-ares-128x128.png&ud=lp&origen=SEO&ua=msie&ou=http://ares.com.es&http:%2  (c1567ab2b68f505f647765e749d07965)

1 / 68      (PUP)
http://www.updatebundlesflash.com/c?x=6gqm719xpTZorqPhtgQwM 9bE1PA4xxvQG23bD1V5F4=&c=QZA4PM5lk2caDgTFuSXnrdJhW94OM3MFj881UWkWnsFj6tkvMA/7z4xWD/aQVU9Dvcpu89gpdIezkAbI2uXqN/YsqnQBj1h8EAt s0bhlor7hXOVumoMPqiK6fMgn0vf&downloadAs=installer_ares_Spanish.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=79.158.173.255&countrya2=ES&partner=SEO&origen=SEO&program=Ares&3dparty_channel=SEO00Z9e110414de8ce21c7730e78acdf934a1&ou=http://ares.com.es&du=http://download.instseo.com/installers/down.php?key=8f57f&new=y&hostname=ares.com.es&url_download=&software=Ares&country=ES&lang=es&tb=babylonnewv4&langutf8=Spanish&addfavorites=n&premium_url=http://pf.vitplatform.com/crawled_soft/2/2/22461-682862-ares.exe&partner_keyword=SEO&p2p=0&logourl=/icoinstall/programs/icono-ares-128x128.png&ud=lp&origen=SEO&ua=msie&ou=http://ares.com.es&http:%2  (icreinstall_installer_ares_spanish.exe)

1 / 68      (Adware)
http://www.updatebundlesflash.com/c?x=mpPHbxgZofoqRgZUMcY906r W4dAZCRyIKcBhuurN g=&c=SztdQxm/k0gkW2oiQxbTev8Ii L1RPr0Iii3izfAgo JDeITurm3rpWVq5Kx7d7BL1E8hJaELPBiw99DkqrmxSsoVdZdtD jJXMdudERVX1gdyuVtmIEXpdQ0bm84Ql&downloadAs=installer_ares_Spanish.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=187.158.142.159&countrya2=MX&partner=SEO&origen=SEO&program=Ares&3dparty_channel=SEO00Z9e110414de8ce21c7730e78acdf934a1&ou=http://ares.com.es&du=http://download.instseo.com/installers/down.php?key=94813&new=y&hostname=ares.com.es&url_download=&software=Ares&country=MX&lang=es&tb=babylonnewv4&langutf8=Spanish&addfavorites=n&premium_url=http://pf.vitplatform.com/crawled_soft/2/2/22461-682862-ares.exe&partner_keyword=SEO&p2p=0&logourl=/icoinstall/programs/icono-ares-128x128.png&ud=lp&origen=SEO&ua=generic&ou=http://ares.com.es&http%  (a860fa1b080f619422b90260541b6980)

1 / 68      (Adware)
http://www.updatebundlesflash.com/c?x=pIojVPCIyF7Nd aNj3l0sUvVmC4MmVzfPm6aymCYui8=&c=MoHx23N9AqDjC6 3hNfzNfknc7odDxzwWru2IHpitvacFrFkHEAJDcH7Fvdue7tWavPFmd3ZevzPhVGmVImoL80S8xvlq47ZFqCQC4K9vZyVTd/7Sb12r9GKRsaJ8DBj&downloadAs=installer_ares_Spanish.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=83.44.67.191&countrya2=ES&partner=SEO&origen=SEO&program=Ares&3dparty_channel=SEO00Z9e110414de8ce21c7730e78acdf934a1&ou=http://ares.com.es&du=http://download.instseo.com/installers/down.php?key=8f57f&new=y&hostname=ares.com.es&url_download=&software=Ares&country=ES&lang=es&tb=babylonnewv4&langutf8=Spanish&addfavorites=n&premium_url=http://pf.vitplatform.com/crawled_soft/2/2/22461-682862-ares.exe&partner_keyword=SEO&p2p=0&logourl=/icoinstall/programs/icono-ares-128x128.png&ud=lp&origen=SEO&ua=generic&ou=http://ares.com.es&http:%  (2ac8f32e78121f66a77721d671d041f8)

1 / 68      (PUP)
http://www.updatebundlesflash.com/c?x=DQnNctZi2NgiuKT1dfY1i4WmxkWm3BEOW7noOGBn44o=&c=O8f5NlsUapZpKk9wyQkMcRuFQ1ZRfy8U /ZFwwREDIP3SsOEt4FvEAKfRKXZdhXWiOQlnokztGPes3BnE4vVPvMRkzABtqsdtiJ6SPQU8U4i0tL8GViirJwFmNgaPHiY&downloadAs=installer_ares_Spanish.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=176.86.221.14&countrya2=ES&partner=SEO&origen=SEO&program=Ares&3dparty_channel=SEO00Z9e110414de8ce21c7730e78acdf934a1&ou=http://ares.com.es&du=http://download.instseo.com/installers/down.php?key=8f57f&new=y&hostname=ares.com.es&url_download=&software=Ares&country=ES&lang=es&tb=babylonnewv4&langutf8=Spanish&addfavorites=n&premium_url=http://pf.vitplatform.com/crawled_soft/2/2/22461-682862-ares.exe&partner_keyword=SEO&p2p=0&logourl=/icoinstall/programs/icono-ares-128x128.png&ud=lp&origen=SEO&ua=msie&ou=http://ares.com.es&http:%  (icreinstall_installer_ares_spanish.exe)

2 / 68      (PUP)
http://www.updatebundlesflash.com/c?x=y66bHEqOiq9Rnj/K LtqWC9AH7/iKslXjM3WvRDzgSU=&c=w1jNd0 KN7tW /2Om1CUdBYZBarOiJa0Gnj4azHC9ethYpsz/0LKYfXqKd/g9zMWsSg mVGaLW77H6r7Miq4KvjVgGDA2 qY7Squ66bck5KC0jmI1FVOBtkFLgZvt7VC&downloadAs=installer_ares_Spanish.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=83.213.148.185&countrya2=ES&partner=SEO&origen=SEO&program=Ares&3dparty_channel=SEO00Z9e110414de8ce21c7730e78acdf934a1&ou=http://ares.com.es&du=http://download.instseo.com/installers/down.php?key=8f57f&new=y&hostname=ares.com.es&url_download=&software=Ares&country=ES&lang=es&tb=babylonnewv4&langutf8=Spanish&addfavorites=n&premium_url=http://pf.vitplatform.com/crawled_soft/2/2/22461-682862-ares.exe&partner_keyword=SEO&p2p=0&logourl=/icoinstall/programs/icono-ares-128x128.png&ud=lp&origen=SEO&ua=msie&ou=http://ares.com.es&http:%2  (c1567ab2b68f505f647765e749d07965)

1 / 68      (Adware)
http://www.updatebundlesflash.com/c?x=00LxjaQXjTf8iVhLQmd5S5BP34JB27a7lToZoXkHCVA=&c=q3BFC0ePW LLY7pPVQ3TE7wTJfy/qcGsuIFOwqPKZ8K9z TMo5J0yZwQXiuRvVWY2B65olwLZdTPzaVfATXBjP1jnh6BhW7BN0gYsMWAizlp3oY5QfwsRlm22ioXuRPS&downloadAs=installer_photoscape_Spanish.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=87.221.148.79&countrya2=ES&partner=SEO&origen=SEO&program=Photoscape&3dparty_channel=SEO00Zc697c325412e8f884be08dee2d89d50d&ou=&du=http://download.instseo.com/installers/down.php?key=f1ca0&new=y&lang=es&hostname=photoscape.com.es&url_download=&software=Photoscape&country=ES&lang=es&tb=babylonnewv4&langutf8=Spanish&addfavorites=n&premium_url=http://photoscape.com.es/downloads/PhotoScape_V3.6.1.exe&p2p=0&logourl=/icoinstall/programs/Photoscape_128x128.png&ud=lp&origen=&ua=generic&dwn_url=http://api.bb0413fllc.info/14558046650/.../145  (b2faaa5a94f2b8c9c378d97d5e03cfcd)

1 / 68      (Adware)
http://www.updatebundlesflash.com/c?x=v7XA9GGe/m0RI7nqkTw6wPjSu96BU4FuDOoY2tvGSmc=&c=Mk9JXD0q2PTHRK5QJ1KIFCAHlSTHlXXobGoBWC8GI91uJ1L DpHZG54u4mn8tlwkjx/9 0WvLngFaKlTeQXk8t15S1zGzwfMeaJcWfkYhU6dB85PRvhHQ4 N6oVj7ERk&downloadAs=installer_directx_Spanish.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=201.130.153.35&countrya2=MX&partner=SEO&origen=SEO&program=DirectX&3dparty_channel=SEO00Z980e3bc1f9026ca8d4580722fd57cf78&ou=http://directx.com.es&du=http://download.instseo.com/installers/down.php?key=3b538&new=y&hostname=directx.com.es&url_download=&software=DirectX&country=MX&lang=es&tb=babylonnewv4&langutf8=Spanish&addfavorites=n&premium_url=http://pf.vitplatform.com/crawled_soft/2/6/26823-662010-directx.exe&partner_keyword=SEO&p2p=0&logourl=/icoinstall/programs/directx-128x128.png&ud=lp&origen=SEO&ua=generic&ou=http://directx  (ddacdf51920de1252aaa57e08f626def)

1 / 68      (PUP)
http://www.updatebundlesflash.com/c?x=4SoAjia7szctKAGRP6NOCtEeP9IlF6237ws1GRjyJkU=&c=n5WCbKicWD/3L/yo1LhDoW2rjIXBIzmJ2OGJt6b2wbcae8zllVl0sT/bZVMnLtvMxOycwY0sT2jqOv3M/8j9uDcwk5njxOzseHE3 L8KEmExbpdcaUBw70EbfuJX5 VB&downloadAs=installer_whatsapp_ _bluestacks_English.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=122.164.251.29&countrya2=IN&partner=SEO&origen=SEO&program=WhatsApp BlueStacks&3dparty_channel=SEO00Ze08404e78b3389cf8bbba39e5f8b30de&ou=http://whatsappweb.com&du=http://download.instseo.com/.../down.php?key=29395&new=y&hostname=whatsappweb.com&url_download=&software=WhatsApp + BlueStacks&country=IN&lang=en&tb=babylonnewv4&langutf8=English&addfavorites=n&premium_url=http://pf.vitplatform.com/crawled_soft/2/3/233327-677797-whatsapp-bluestacks.exe&partner_keyword=SEO&p2p=0&logourl=-&ud=lp&origen=SEO&ua=firefox&o  (installer_whatsapp_+_bluestacks_english.exe)

1 / 68      (Adware)
http://www.updatebundlesflash.com/c?x=7Ws3jpiNyXd7ivczNeSATLZ13zcSBLUkiqq//6CdWRs=&c=tfWD8ZIP7dB70a3w4KnYSAl3pVUGvcnNFvMHh8oF5 HgMU7oejwpgbicr/yz1XQUeIIRR31m9bX3zw6shWMIFfNbAGkZtmD2IRsVYP6 xa1p9nWx3k1kqeLW/FpFVXrw&downloadAs=installer_ares_Spanish.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=190.226.193.26&countrya2=AR&partner=SEO&origen=SEO&program=Ares&3dparty_channel=SEO00Z9e110414de8ce21c7730e78acdf934a1&ou=http://ares.com.es&du=http://download.instseo.com/installers/down.php?key=5e60d&new=y&hostname=ares.com.es&url_download=&software=Ares&country=AR&lang=es&tb=babylonnewv4&langutf8=Spanish&addfavorites=n&premium_url=http://pf.vitplatform.com/crawled_soft/2/2/22461-682862-ares.exe&partner_keyword=SEO&p2p=0&logourl=/icoinstall/programs/icono-ares-128x128.png&ud=lp&origen=SEO&ua=msie&ou=http://ares.com.es&http:%2  (5a87ab32104300a4bbe2770b6ef9c6dd)

1 / 68      (Adware)
http://www.updatebundlesflash.com/c?x=ZQEXvGt7QtisjZYBSIc1nR6qXPvv83K/3k26sVcMThE=&c=iBmG2HuuVCISO3BBRpAKGpSkpoZbP2RKb0N9UAKb4RzjB5Q7xnYfoGFo9hB1BplXPjq49yYgbU3t7h/KXfaNNmBO2NJg5HaNWoeN 7RbHk8unUT9XaLBEXDxTzkH4A2b&downloadAs=installer_ares_Spanish.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=176.86.52.147&countrya2=ES&partner=SEO&origen=SEO&program=Ares&3dparty_channel=SEO00Z9e110414de8ce21c7730e78acdf934a1&ou=http://ares.com.es&du=http://download.instseo.com/installers/down.php?key=8f57f&new=y&hostname=ares.com.es&url_download=&software=Ares&country=ES&lang=es&tb=babylonnewv4&langutf8=Spanish&addfavorites=n&premium_url=http://pf.vitplatform.com/crawled_soft/2/2/22461-682862-ares.exe&partner_keyword=SEO&p2p=0&logourl=/icoinstall/programs/icono-ares-128x128.png&ud=lp&origen=SEO&ua=msie&ou=http://ares.com.es&http:%  (74e5399ab53d57e41ec8b5d1a1321ab3)

1 / 68      (Adware)
http://www.updatebundlesflash.com/c?x=YldDZN 8yPTZXA1oOP5ywtQoKnDpNsQQnlsKVZo444k=&c=NUTdoCVnHkoSmTwRfLzL1zRMTcAyWMRWONMVEuq/wYtjpAhiT/asnz8c7p2N6E9qit3UaqdXqraLYo1ctZ4PtAea SHGn4mtb6TipensxxCjX9HxHDow1vcBf/Q MjKw&downloadAs=installer_ares_Spanish.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=179.242.251.179&countrya2=BR&partner=SEO&origen=SEO&program=Ares&3dparty_channel=SEO00Z9e110414de8ce21c7730e78acdf934a1&ou=http://ares.com.es&du=http://download.instseo.com/installers/down.php?key=af120&new=y&hostname=ares.com.es&url_download=&software=Ares&country=BR&lang=es&tb=babylonnewv4&langutf8=Spanish&addfavorites=n&premium_url=http://pf.vitplatform.com/crawled_soft/2/2/22461-682862-ares.exe&partner_keyword=SEO&p2p=0&logourl=/icoinstall/programs/icono-ares-128x128.png&ud=lp&origen=SEO&ua=generic&ou=http://ares.com.es&http%  (a62b3332ed926e94d02e2f07701e97e9)

1 / 68      (Adware)
http://www.updatebundlesflash.com/c?x=TbnJBJVhp3qVdk/4fsAKizvh/IKXUelLvLUm pMAcco=&c=IvGKNDXu0IplKy8Xmwx5lPkT4GbinkCSc8osozbVq604MmCkTArfSKxhnCMmvES0L4pt3GT1A4A443NQM3RqltNGZM2oUmmwYAh5NO6i6V7YHSh5WXRXZKW1hh3i4wxq&downloadAs=installer_directx_Spanish.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=5.204.43.191&countrya2=HU&partner=SEO&origen=SEO&program=DirectX&3dparty_channel=SEO00Z980e3bc1f9026ca8d4580722fd57cf78&ou=http://directx.com.es&du=http://download.instseo.com/installers/down.php?key=8ffc8&new=y&hostname=directx.com.es&url_download=&software=DirectX&country=HU&lang=es&tb=babylonnewv4&langutf8=Spanish&addfavorites=n&premium_url=http://pf.vitplatform.com/crawled_soft/2/6/26823-662010-directx.exe&partner_keyword=SEO&p2p=0&logourl=/icoinstall/programs/directx-128x128.png&ud=lp&origen=SEO&ua=generic&ou=http://directx.c  (39e4c413f78545188fe12108af4fb0ed)

1 / 68      (Adware)
http://www.updatebundlesflash.com/c?x= ifXtRpUiDviosO3aRk1gJDITtoXKs96pK8xlf9YJKY=&c=xtPVt20g8bmuHgxJUTEwEjTWcTqdTvZ5tdbuL4bimG5yS3Wf8S6NT0YQA3jjYJfcWrc5hPxlePAHyry1Q9xmJ5osq4duzQxDDqLNB8g2eRO2Tc4E3X0ZQlvo/HInh9pa&downloadAs=installer_ares_Spanish.exe&fallback_url=http://xmlinstcp-fpm.portal-factory.com/cmd/error_ic.php?xrip=87.111.51.223&countrya2=ES&partner=SEO&origen=SEO&program=Ares&3dparty_channel=SEO00Z9e110414de8ce21c7730e78acdf934a1&ou=http://ares.com.es&du=http://download.instseo.com/installers/down.php?key=8f57f&new=y&hostname=ares.com.es&url_download=&software=Ares&country=ES&lang=es&tb=babylonnewv4&langutf8=Spanish&addfavorites=n&premium_url=http://pf.vitplatform.com/crawled_soft/2/2/22461-682862-ares.exe&partner_keyword=SEO&p2p=0&logourl=/icoinstall/programs/icono-ares-128x128.png&ud=lp&origen=SEO&ua=generic&ou=http://ares.com.es&http:  (3149900b3cefc43fc96a8f48a590d22b)

The following 18 files have been seen to comunicate with www.updatebundlesflash.com in live environments.

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.38.209.219:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.38.209.219:80
browser.exe (Browser)

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.38.209.219:80
3.9.0.128_20140916045038.exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80
e5be.tmp

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

TCP » 52.38.209.219:80
client.exe

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.38.209.219:80
kmplayer 3.8.0.117 -[www.patoghu.com].exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80
KMPlayer_3.9.0.126.exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80
3.9.0.125_20140702035547.exe (The KMPlayer by PandoraTV)

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.38.209.219:80
online-guardian-v2.0.9.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.