» get.hingscoat.bid
Overview
Analysis
IPs Addresses (8)
Downloads (1)
Network (11)

get.hingscoat.bid

Domain Information

Server location:

Washington, United States (US)

ASN:

AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

Adware.Bundle

100.00%

The domain get.hingscoat.bid has been seen to resolve to the following 8 IP addresses.

server-52-84-125-243.iad16.r.cloudfront.net

August 30, 2016

server-52-84-125-213.iad16.r.cloudfront.net

August 30, 2016

server-52-84-125-209.iad16.r.cloudfront.net

August 30, 2016

server-52-84-125-134.iad16.r.cloudfront.net

August 30, 2016

server-52-84-125-104.iad16.r.cloudfront.net

August 30, 2016

server-52-84-125-85.iad16.r.cloudfront.net

August 30, 2016

server-52-84-125-49.iad16.r.cloudfront.net

August 30, 2016

server-52-84-125-20.iad16.r.cloudfront.net

August 30, 2016

File downloads found at URLs served by get.hingscoat.bid.

1 / 68 (PUP)

http://get.hingscoat.bid/?VPKqMvThuFbSBJRRkGZm4mrAY2dHjvSCTOk7pE8Evbg_EQUALS_&flp=1 (scrap mechanic downloader.exe)

The following 11 files have been seen to comunicate with get.hingscoat.bid in live environments.

TCP » 52.84.125.85:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.20:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.84.125.213:80

TCP » 52.84.125.85:80

browser.exe (Speed Browser by Smart Applications)

TCP » 52.84.125.85:80

TCP » 52.84.125.85:80

Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.84.125.104:443

clearscreenplayer.exe (ClearScreen Player)

TCP » 52.84.125.134:443

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.84.125.20:80

Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 52.84.125.20:80

Trezaa.Service.exe (Trezaa.Service by Microsoft)

TCP » 52.84.125.213:443

online-guardian-v2.0.9.exe

TCP » 52.84.125.49:80

WeatherBug.exe (WeatherBug)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.