» a.backuptrips.work
Overview
Analysis
IPs Addresses (3)
Downloads (1)
Network (2)

a.backuptrips.work

Domain Information

Server location:

Oregon, United States (US)

ASN:

AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:

backuptrips.work

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.ANDREYBA (M)

100.00%

The domain a.backuptrips.work has been seen to resolve to the following 3 IP addresses.

ec2-52-27-128-59.us-west-2.compute.amazonaws.com

April 20, 2016

ec2-52-27-128-56.us-west-2.compute.amazonaws.com

April 20, 2016

ec2-52-27-128-62.us-west-2.compute.amazonaws.com

April 20, 2016

File downloads found at URLs served by a.backuptrips.work.

1 / 68 (PUP)

http://a.backuptrips.work/hp/?q=mwZH7VDJ2FBgP9/XZTKUAiIhFk2GfnOECm3PTNrGy7EU9r408hA05WMmflxq6CPQgbJt0DI/N/RorbNYBW9nTOkVIl4GmKZ3/GxKoOWfwI2xtFfJX4cqqI xeFG4AZWvQ7Bwo3iNgtIdf9Ks/Ddw6rG8LKxny/.../o KJvD7ImF90yUf8BN6UL4fl6Qywtr1OOrVMuWTVWriF8gT3w3JPaaUAFuYDXB5&external_id=1437412854917719335 (download.exe)

The following 2 files have been seen to comunicate with a.backuptrips.work in live environments.

TCP » 52.27.128.56:80

TCP » 52.27.128.59:80

TCP » 52.27.128.62:80

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.