home

cool-edit-pro.soft32.es

Domain Information

Server location:
Virginia, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
soft32.es

Scanner detections:
Detections  (83% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Downloader.Bundler.Soft32.Installer (M), PUP.Downloader.Bundler.Soft32 (M)
100.00%

The domain cool-edit-pro.soft32.es has been seen to resolve to the following 28 IP addresses.

52.84.127.49
server-52-84-127-49.iad16.r.cloudfront.net
August 29, 2016

52.84.127.226
server-52-84-127-226.iad16.r.cloudfront.net
August 29, 2016

52.84.127.185
server-52-84-127-185.iad16.r.cloudfront.net
August 29, 2016

52.84.127.171
server-52-84-127-171.iad16.r.cloudfront.net
August 29, 2016

52.84.127.146
server-52-84-127-146.iad16.r.cloudfront.net
August 29, 2016

52.84.127.95
server-52-84-127-95.iad16.r.cloudfront.net
August 29, 2016

52.84.127.80
server-52-84-127-80.iad16.r.cloudfront.net
August 29, 2016

52.84.127.62
server-52-84-127-62.iad16.r.cloudfront.net
August 29, 2016

52.84.127.60
server-52-84-127-60.iad16.r.cloudfront.net
August 17, 2016

52.84.127.48
server-52-84-127-48.iad16.r.cloudfront.net
August 17, 2016

52.84.127.40
server-52-84-127-40.iad16.r.cloudfront.net
August 17, 2016

52.84.127.17
server-52-84-127-17.iad16.r.cloudfront.net
August 17, 2016

52.84.127.188
server-52-84-127-188.iad16.r.cloudfront.net
August 17, 2016

52.84.127.152
server-52-84-127-152.iad16.r.cloudfront.net
August 17, 2016

52.84.127.141
server-52-84-127-141.iad16.r.cloudfront.net
August 17, 2016

52.84.127.84
server-52-84-127-84.iad16.r.cloudfront.net
August 17, 2016

54.230.194.46
server-54-230-194-46.iad53.r.cloudfront.net
July 29, 2016

54.230.194.40
server-54-230-194-40.iad53.r.cloudfront.net
July 29, 2016

54.230.194.236
server-54-230-194-236.iad53.r.cloudfront.net
July 29, 2016

54.230.194.216
server-54-230-194-216.iad53.r.cloudfront.net
July 29, 2016

54.230.194.208
server-54-230-194-208.iad53.r.cloudfront.net
July 29, 2016

54.230.194.82
server-54-230-194-82.iad53.r.cloudfront.net
July 29, 2016

54.230.194.61
server-54-230-194-61.iad53.r.cloudfront.net
July 29, 2016

54.230.194.60
server-54-230-194-60.iad53.r.cloudfront.net
July 29, 2016

151.101.20.249
July 21, 2016

23.235.46.249
February 9, 2016

199.27.76.249
February 9, 2016

23.235.39.249
February 9, 2016

File downloads found at URLs served by cool-edit-pro.soft32.es.

1 / 68      (Adware)
http://cool-edit-pro.soft32.es/get/file/id/.../  (cool edit pro setup.exe)

1 / 68      (Adware)
http://cool-edit-pro.soft32.es/get/file/id/.../?rel=center  (cool edit pro setup.exe)

1 / 68      (Adware)
http://cool-edit-pro.soft32.es/get/file/id/.../?rel=center  (cool edit pro setup.exe)

0 / 68
http://cool-edit-pro.soft32.es/goto/file/id/.../  (36218-671348-cool-edit-pro.exe)

1 / 68      (Adware)
http://cool-edit-pro.soft32.es/get/file/id/.../  (cool edit pro setup.exe)

1 / 68      (Adware)
http://cool-edit-pro.soft32.es/get/file/id/.../?rel=center  (cool edit pro setup.exe)

0 / 68
http://cool-edit-pro.soft32.es/get/file/id/.../?rel=center  (36218-671348-cool-edit-pro.exe)

0 / 68
http://cool-edit-pro.soft32.es/get/file/id/.../  (36218-671348-cool-edit-pro.exe)

0 / 68
http://cool-edit-pro.soft32.es/get/file/id/.../?no_download_manager=true  (36218-671348-cool-edit-pro.exe)

The following 7 files have been seen to comunicate with cool-edit-pro.soft32.es in live environments.

TCP » 199.27.76.249:443
product support.crx

TCP » 23.235.39.249:443
discountapp_1.0.0.0.crx

TCP » 23.235.39.249:443
savingsplugin_1.0.crx

TCP » 23.235.46.249:443
product support.crx

TCP » 23.235.46.249:443
product support.crx

TCP » 23.235.46.249:443
couponmatcher_1.0.0.0.crx

TCP » 54.230.194.208:80
ctfmon.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.