home

lp7.bongacams24.com

1&1 Internet Inc. - www.1and1.com

Domain Information

The domain lp7.bongacams24.com registered by 1&1 Internet Inc. - www.1and1.com was initially registered in July of 2014 through 1&1 INTERNET SE. Currently this domain has been known to host various forms of malware. The hosted servers are located in Hollywood, Florida within the United States which resides on the Prolexic Technologies, Inc. network.
Registrar:
1&1 INTERNET SE

Server location:
Florida, United States (US)

Create date:
Monday, July 14, 2014

Expires date:
Thursday, July 14, 2016

Updated date:
Wednesday, February 10, 2016

ASN:
AS32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Prolexic Technologies, Inc.

Root domain:
bongacams24.com

Whois:
1 bongacams24.com record

Scanner detections:
Malware distribution  (81% detected)

Scan engine
Details
Detections

Reason Heuristics
Trojan.Downloader (M), Threat.Win.Reputation.IMP
95.65%

Dr.Web
Trojan.Siggen6.55013
4.35%

AegisLab AV Signature
DangerousObject.Multi.Gen
4.35%

AVG
Generic36
4.35%

Bkav FE
HW64.packed
4.35%

ESET NOD32
Win64/BitCoinMiner.AF potentially unsafe application
4.35%

The domain lp7.bongacams24.com has been seen to resolve to the following 3 IP addresses.

72.52.4.90
unknown.prolexic.com
July 21, 2016

91.195.241.121
redirect.domcollect.com
July 17, 2016

192.185.16.209
February 21, 2016

File downloads found at URLs served by lp7.bongacams24.com.

1 / 68      (Malware)
http://lp7.bongacams24.com/taskmgr.exe  (482a8a0c2fc03625f5df471913160b1d)

1 / 68      (Malware)
http://lp7.bongacams24.com/taskmgr.exe  (5da24d0c4912bf054c7bcd57ad0fc5f4)

1 / 68      (Malware)
http://lp7.bongacams24.com/taskmgr.exe  (04d054537fb9025c18778262b07274c8)

1 / 68      (Malware)
http://lp7.bongacams24.com/taskmgr.exe  (1c278361be40a51158dd74fd87bdf482)

1 / 68      (Malware)
http://lp7.bongacams24.com/taskmgr.exe  (2feb4bf2108508db08ca640146cdf73d)

1 / 68      (Malware)
http://lp7.bongacams24.com/taskmgr.exe  (06331ebc2be6c7457be8120f747d7126)

1 / 68      (Malware)
http://lp7.bongacams24.com/taskmgr.exe  (e5260aeb0fe0ed32bfec02043597c3de)

1 / 68      (Malware)
http://lp7.bongacams24.com/taskmgr.exe  (ceb6743b57ff902e3fa4103b370ba6f1)

1 / 68      (Malware)
http://lp7.bongacams24.com/taskmgr.exe  (e2c0bf9b8f518cf52ff07d2cedf01aec)

1 / 68      (Malware)
http://lp7.bongacams24.com/taskmgr.exe  (04a6809f46ae7a6e2a15a360e8f65ebb)

1 / 68      (Malware)
http://lp7.bongacams24.com/taskmgr.exe  (6e17a2026182bae1b7ff93959c0f1a79)

1 / 68      (Malware)
http://lp7.bongacams24.com/taskmgr.exe  (0db37ca6a6f529c1a81c4e6fc9ba731e)

0 / 68
http://lp7.bongacams24.com/taskmgr.exe  (e9be2b88972d5d3a707d3b7900146c3b)

1 / 68      (Malware)
http://lp7.bongacams24.com/taskmgr.exe  (78aee2155170c15ed42617e1de4b181d)

1 / 68      (Malware)
http://lp7.bongacams24.com/taskmgr.exe  (57fe2da02524eb6509ae30a71444ec6a)

1 / 68      (Malware)
http://lp7.bongacams24.com/taskmgr.exe  (b48faff2f9d65fb5909345b94b0dc0c9)

1 / 68      (Malware)
http://lp7.bongacams24.com/taskmgr.exe  (514b88ecf2a39269e7701ba91a49e1d2)

1 / 68      (Malware)
http://lp7.bongacams24.com/taskmgr.exe  (c72df4e35544f8abb561e6799366feda)

1 / 68      (Malware)
http://lp7.bongacams24.com/taskmgr.exe  (74ce683354a360942b97979cba4d7289)

1 / 68      (Malware)
http://lp7.bongacams24.com/taskmgr.exe  (c20214672e46fc373d1c9b975d76def1)

1 / 68      (Malware)
http://lp7.bongacams24.com/taskmgr.exe  (0f0daca53827ece1c7de17a0cb894f03)

1 / 68      (Malware)
http://lp7.bongacams24.com/taskmgr.exe  (4ac8eb55f81921be10790e04896253a1)

2 / 68      (inconclusive)
http://lp7.bongacams24.com/csrss.exe  (00aa440f85f8b71da6e8e2cefccc5e7b)

0 / 68
http://lp7.bongacams24.com/msvcr120.dll  (9c861c079dd81762b6c54e37597b7712)

0 / 68
http://lp7.bongacams24.com/pthreadVC2.dll  (4a502706d149c2f5854131a7758a90e2)

0 / 68
http://lp7.bongacams24.com/csrss.exe  (498c526c12ffd2d1a4fb7c3e5017ff60)

4 / 68      (Malware)
http://lp7.bongacams24.com/taskmgr.exe  (7760e75aa441daa8ac9ba5ee4b93dc82)

The following 250 files have been seen to comunicate with lp7.bongacams24.com in live environments.

TCP » 72.52.4.90:80
tbhcn.exe (tcbhn by Blabbers Communications)

TCP » 72.52.4.90:80
tbhcn.exe (tcbhn by Blabbers Communications)

TCP » 72.52.4.90:80
globalupdate.exe (globalUpdate Update by globalUpdate)

TCP » 72.52.4.90:80
kometa.exe (Kometa by @COMPANY_FULLNAME@)

TCP » 72.52.4.90:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 72.52.4.90:80
dailybee.exe

TCP » 72.52.4.90:80
pricehorse.exe (by Pay By Ads)

TCP » 72.52.4.90:80
1799877.exe

TCP » 72.52.4.90:80
tbhcn.exe (tcbhn by Blabbers Communications)

TCP » 72.52.4.90:80
bfa0d68f.exe (Client Server Runtime Process by Microsoft)

TCP » 72.52.4.90:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 72.52.4.90:80
tasksgr.exe (Process Service Windows by Windows Development)

TCP » 72.52.4.90:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 72.52.4.90:80
CureTraffic.exe (CureTraffic by Vitbian telecom S.L)

TCP » 72.52.4.90:80
online-guardian-v2.0.9.exe

TCP » 72.52.4.90:80
playnowradio.exe (Play now radio by Pay By Ads)

TCP » 72.52.4.90:80
TornTVApp.exe (TornTVApp by TornTV.com)

TCP » 72.52.4.90:80
sys.exe

TCP » 72.52.4.90:80
bestu.exe

TCP » 72.52.4.90:80
fsd814a.exe (Installer)

 
Latest 20 of 256 files

URL:
http://lp7.bongacams24.com/

Title:
“BongaCams24.com”

Web server:
nginx/1.8.1

callfor.info

goodbe.co

gooqler.com

4shared.net

clipartbest.co

downloadinator.com

eazypaperdownloads.com

eocfiles.com

fileextensionxls.net

filemirchi.info

generaldownload.com

generallydownload.com

itlbg.net

jambolinks.com

knights-of-honor-monument.com

shrinery.net

subpelis.info

tunesynchomestream.com

update-com.info

world-downloads.info

blueslushy.com

halogenware.com

qavvps.com

spybotupdates.biz

update1-com.info

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.