home

electroecs.com

Benedict Pokoo

Domain Information

The domain electroecs.com registered by Benedict Pokoo was initially registered in June of 2013 through DOMAIN.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Seattle, Washington within the United States which resides on the The Endurance International Group, Inc. network.
Registrar:
DOMAIN.COM, LLC

Server location:
Washington, United States (US)

Create date:
Sunday, June 16, 2013

Expires date:
Friday, June 16, 2017

Updated date:
Saturday, August 8, 2015

ASN:
AS29873 BIZLAND-SD - The Endurance International Group, Inc.,US

Whois:
1 electroecs.com record

Scanner detections:
Detections  (55% detected)

Scan engine
Details
Detections

AVG
Potentially harmful program Downloader.DJN.dropper, Win32/DH{Y4Iqghw?}, Adware Generic_c.DGP
62.50%

Kaspersky
not-a-virus:Downloader.NSIS.OutBrowse, not-a-virus:AdWare.NSIS.InstallMonetizer
62.50%

ESET NOD32
Win32/InstallMonetizer.BB potentially unwanted application
56.25%

Dr.Web
infected with Trojan.OutBrowse.92, Threat.Undefined, Detection.Undefined, Adware.Downware.8749
43.75%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4786532, InstallMonetizer
43.75%

Microsoft Security Essentials
Threat.Undefined
31.25%

McAfee
Trojan.Artemis!C9149270D11D, Trojan.Artemis!0001C9F84F4F, Trojan.Artemis!55027BD82061
18.75%

Qihoo 360 Security
HEUR/QVM06.2.Malware.Gen, HEUR/QVM41.2.Malware.Gen, HEUR/QVM41.1.Malware.Gen
18.75%

NANO AntiVirus
Trojan.Win32.Rogue.dinpgv, Riskware.Win32.InstallMonetizer.dymuwe
12.50%

G Data
Gen:Variant.Application.Bundler.Outbrowse, NSIS.Application.InstallMonetizer
12.50%

Panda Antivirus
Trj/Genetic.gen, Generic Suspicious
12.50%

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.Outbrowse.1
6.25%

Emsisoft Anti-Malware
Gen:Variant.Application.Bundler.Outbrowse
6.25%

MicroWorld eScan
Gen:Variant.Application.Bundler.Outbrowse.1
6.25%

avast!
NSIS:OutBrowse-BN [PUP]
6.25%

The domain electroecs.com has been seen to resolve to the following 2 IP addresses.

66.96.149.1
1.149.96.66.static.eigbox.net
February 6, 2016

66.96.147.106
106.147.96.66.static.eigbox.net
April 5, 2015

File downloads found at URLs served by electroecs.com.

0 / 68
http://electroecs.com/.../UC_Web_Setup(installer).exe  (cf734957f96f39f23df3fbec146b1614)

0 / 68
http://electroecs.com/.../ucwebpc_.exe  (fc7ac519e4d80b9c9f8a238bd5419dc6)

0 / 68
http://electroecs.com/.../UC_Web_Setup(installer).exe  (uc_web_pc_10931_gc.exe)

0 / 68
http://electroecs.com/.../Opera_Mini_PC3_Setup(installer).exe  (7c5abf2e01d5d48305c75d38be3ecaf4)

4 / 68      (PUP)
http://electroecs.com/.../UC_Web_Setup(installer).exe  (uc_web_pc_10931_gc.exe)

6 / 68      (PUP)
http://electroecs.com/.../Opera_Mini_PC3_Setup(installer).exe  (opera_mini_pc_8_11046_gc.exe)

4 / 68      (PUP)
http://electroecs.com/.../UC_Web_Setup(installer).exe  (uc_web_pc_10931_gc.exe)

2 / 68
http://electroecs.com/.../Opera_Mini_PC.exe  (9bd36d0ef12e9aee7abad16fc2a3b193)

4 / 68      (PUP)
http://electroecs.com/.../Opera_Mini_PC3_Setup(installer).exe  (opera_mini_pc_8_11046_gc.exe)

5 / 68      (PUP)
http://electroecs.com/.../UC_Web_Setup(installer).exe  (uc_web_pc_10931_gc.exe)

4 / 68      (PUP)
http://electroecs.com/.../UC_Web_Setup(installer).exe  (uc_web_pc_10931_gc.exe)

4 / 68      (PUP)
http://electroecs.com/.../Opera_Mini_PC3_Setup(installer).exe  (opera_mini_pc_8_11046_gc.exe)

15 / 68    (PUP)
http://electroecs.com/.../UC_Web_Setup(installer).exe  (uc_web_pc_10931_gc.exe)

4 / 68      (PUP)
http://electroecs.com/.../Opera_Mini_PC3_Setup(installer).exe  (opera_mini_pc_8_11046_gc.exe)

1 / 68
http://electroecs.com/.../UC_Web_Setup(installer).exe  (47612e3600e72329775857000626efe0)

4 / 68      (PUP)
http://electroecs.com/.../Opera_Mini_PC3_Setup(installer).exe  (opera_mini_pc_8_11046_gc.exe)

1 / 68
http://electroecs.com/.../UC_Web_Setup(installer).exe  (723215f4_stp.exe)

2 / 68
http://electroecs.com/.../Opera_Mini_PC3_Setup(installer).exe  (a3097d6299f2a868a8a66137891ccbd3)

3 / 68      (inconclusive)
http://electroecs.com/.../Opera_Mini_PC3_Setup(installer).exe  (b96271a410f8fde4080c8b47eb8931ae)

12 / 68    (PUP)
http://electroecs.com/.../Opera_Mini_PC3_Setup(installer).exe  (opera_mini_8_installer.msi)

The following 19 files have been seen to comunicate with electroecs.com in live environments.

TCP » 66.96.149.1:80
produpd.exe (produpd.exe by Vested Development, Inc)

TCP » 66.96.149.1:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 66.96.149.1:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 66.96.149.1:80
bfa0d68f.exe (Client Server Runtime Process by Microsoft)

TCP » 66.96.147.106:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 66.96.149.1:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 66.96.149.1:443
dailybee.exe

TCP » 66.96.147.106:80
online-guardian-v2.0.9.exe

TCP » 66.96.149.1:80
online-guardian-v2.0.9.exe

TCP » 66.96.147.106:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 66.96.149.1:443
online-guardian-v2.0.9.exe

TCP » 66.96.149.1:80
rqdrcedfm.exe

TCP » 66.96.149.1:80
ContentSinder.exe (ContentSinder by ContentSinder Company)

TCP » 66.96.149.1:80
mbtipv32.exe

TCP » 66.96.147.106:25
www.exe

TCP » 66.96.147.106:80
online-guardian-v2.0.9.exe

TCP » 66.96.149.1:587
www.exe

TCP » 66.96.149.1:80
produpd.exe (produpd.exe by Vested Development, Inc)

TCP » 66.96.149.1:80
browser.exe (Speed Browser by Long Mile Solutions)

TCP » 66.96.147.106:80
syscheck.exe (by KeyDownload)

 
Latest 20 of 26 files

August 21, 2015
dl.electroecs.com

URL:
http://electroecs.com/

Title:
“Electro Computer Science Inc.”

Web server:
Apache/2

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.