» d2.computerbild.de
Overview
Analysis
IPs Addresses (34)
Downloads (1)
Network (7)

d2.computerbild.de

Domain Information

Server location:

Dublin City, Ireland (IE)

ASN:

AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:

computerbild.de

Scanner detections:

Detections (98% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Installer.COMPUTERBILDDigitalGmbH.Y, PUP.Installer.COMPUTERBILDDigitalGmbH.b, PUP.Installer.COMPUTERBILDDigitalGmbH.f, PUP.COMPUTERBILDDigitalGmbH.Q, PUP.COMPUTERBILDDigitalGmbH.Z, PUP.Installer.COMPUTERBILDDigitalGmbH.Z, PUP.COMPUTERBILDDigitalGmbH.i, PUP.Covus.COMPUTERBILDDigitalGmbH.Bundler (M), PUP.Covus.COMPUTERBILDDigital.Bundler (M), PUP.Covus.COMPUTER.Bundler (M), PUP.Covus (M)

100.00%

ESET NOD32

Win32/InstallCore.PK potentially unwanted application, Win32/InstallCore.QH potentially unwanted application, Win32/InstallCore.QF potentially unwanted application

14.29%

Dr.Web

Trojan.MulDrop5.33853, Trojan.MulDrop5.38511, Trojan.MulDrop5.42070, Adware.Downware.10483, Trojan.MulDrop5.42070

14.29%

Agnitum Outpost

PUA.InstallCore

14.29%

K7 AntiVirus

Unwanted-Program , Trojan

12.24%

AVG

Generic

10.20%

Sophos

Install Core Click run software, PUA 'Install Core Click run software'

10.20%

VIPRE Antivirus

Threat.4150696, Trojan.Win32.Generic

8.16%

NANO AntiVirus

Riskware.Win32.InstallCore.dlaysn

6.12%

Avira AntiVirus

ADWARE/InstallCore.Gen7, PUA/InstallCore.Gen7

6.12%

herdProtect (fuzzy)

a variant of 94131e8ffb33a0dfaab4ae3c9c6b42e7ac9c4b38, a variant of ea483033926362e6be8791ce9f88bf0769270173

4.08%

ESET NOD32

Win32/InstallCore.QH (variant)

2.04%

Comodo Security

ApplicUnwnt

2.04%

McAfee

Artemis!2FC2C7F14D33

2.04%

Baidu Antivirus

Adware.Win32.InstallCore

2.04%

The domain d2.computerbild.de has been seen to resolve to the following 34 IP addresses.

52.25.41.73

ec2-52-25-41-73.us-west-2.compute.amazonaws.com

May 16, 2016

52.24.26.116

ec2-52-24-26-116.us-west-2.compute.amazonaws.com

May 16, 2016

54.148.57.212

ec2-54-148-57-212.us-west-2.compute.amazonaws.com

April 15, 2016

54.69.198.37

ec2-54-69-198-37.us-west-2.compute.amazonaws.com

April 15, 2016

52.26.95.11

ec2-52-26-95-11.us-west-2.compute.amazonaws.com

April 15, 2016

52.34.170.106

ec2-52-34-170-106.us-west-2.compute.amazonaws.com

February 12, 2016

52.25.23.136

ec2-52-25-23-136.us-west-2.compute.amazonaws.com

February 12, 2016

54.191.37.5

ec2-54-191-37-5.us-west-2.compute.amazonaws.com

February 12, 2016

54.69.11.66

ec2-54-69-11-66.us-west-2.compute.amazonaws.com

February 12, 2016

52.88.159.85

ec2-52-88-159-85.us-west-2.compute.amazonaws.com

February 12, 2016

52.35.10.15

ec2-52-35-10-15.us-west-2.compute.amazonaws.com

February 12, 2016

54.149.60.150

ec2-54-149-60-150.us-west-2.compute.amazonaws.com

November 12, 2015

54.148.75.228

ec2-54-148-75-228.us-west-2.compute.amazonaws.com

November 12, 2015

52.24.62.64

ec2-52-24-62-64.us-west-2.compute.amazonaws.com

November 12, 2015

54.201.218.17

ec2-54-201-218-17.us-west-2.compute.amazonaws.com

August 12, 2015

52.10.0.96

ec2-52-10-0-96.us-west-2.compute.amazonaws.com

May 15, 2015

54.171.47.185

ec2-54-171-47-185.eu-west-1.compute.amazonaws.com

May 6, 2015

54.148.73.114

ec2-54-148-73-114.us-west-2.compute.amazonaws.com

May 5, 2015

54.76.211.110

ec2-54-76-211-110.eu-west-1.compute.amazonaws.com

May 4, 2015

54.200.107.209

ec2-54-200-107-209.us-west-2.compute.amazonaws.com

May 4, 2015

54.187.120.35

ec2-54-187-120-35.us-west-2.compute.amazonaws.com

October 9, 2014

54.68.221.84

ec2-54-68-221-84.us-west-2.compute.amazonaws.com

September 27, 2014

54.186.167.43

ec2-54-186-167-43.us-west-2.compute.amazonaws.com

September 27, 2014

54.200.190.106

ec2-54-200-190-106.us-west-2.compute.amazonaws.com

September 7, 2014

54.213.239.193

ec2-54-213-239-193.us-west-2.compute.amazonaws.com

September 2, 2014

54.186.219.20

ec2-54-186-219-20.us-west-2.compute.amazonaws.com

August 26, 2014

54.191.124.126

ec2-54-191-124-126.us-west-2.compute.amazonaws.com

July 31, 2014

54.187.25.184

ec2-54-187-25-184.us-west-2.compute.amazonaws.com

July 23, 2014

54.201.96.17

ec2-54-201-96-17.us-west-2.compute.amazonaws.com

July 23, 2014

54.201.232.128

ec2-54-201-232-128.us-west-2.compute.amazonaws.com

June 26, 2014

Showing 30 of 34 IP Addresses

File downloads found at URLs served by d2.computerbild.de.

1 / 68 (PUP)

http://d2.computerbild.de/?ic_user_id=917 (wpsetup_cb-dl-manager.exe)

The following 7 files have been seen to comunicate with d2.computerbild.de in live environments.

TCP » 52.24.26.116:443

online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443

online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443

036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.24.26.116:443

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443

Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

TCP » 54.201.218.17:80

openoffice-4-0-1.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.