home

sp-storage.spccinta.com

ClientConnect LTD

Domain Information

The domain sp-storage.spccinta.com registered by ClientConnect LTD was initially registered in April of 2014 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Warsaw, Mazowieckie within Poland which resides on the Akamai Technologies, Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
Mazowieckie, Poland (PL)

Create date:
Wednesday, April 16, 2014

Expires date:
Monday, January 1, 2018

Updated date:
Tuesday, January 6, 2015

Root domain:
spccinta.com

Whois:
1 spccinta.com record

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.SearchProtect.Conduit.H, PUP.ClientConnect.G, PUP.Installer.ClientConnect.H, PUP.ClientConnect.Q, Threat.Conduit.Installer, PUP.Conduit.Bundler (M), Adware.Bundle.SLI.Meta (M), PUP.Conduit.ClientCo.Installer (M), Win32.Generic
100.00%

Dr.Web
Adware.Conduit.21, Adware.Conduit.45, Adware.Conduit.101, Adware.Downware.6128, Adware.Conduit.157, Adware.Conduit.82
85.42%

VIPRE Antivirus
Conduit, Threat.4786236
83.33%

Baidu Antivirus
Adware.Win32.Conduit, Trojan.Win32.ClientConnect, PUA.Win32.ClientConnect, Adware.NSIS.Toolbar, Hacktool.Win32.Downloader
83.33%

Malwarebytes
PUP.Optional.Conduit.A, PUP.Optional.SearchProtect.A
79.17%

G Data
Win32.Application.SearchProtect, Win32.Application.SearchProtect.AA@gen, NSIS.Application.SearchProtect.AH
79.17%

AVG
Generic_r, SearchProtect, ClientConnect
77.08%

ESET NOD32
Win32/Conduit.SearchProtect (variant), Win32/ClientConnect (variant)
75.00%

McAfee
Artemis!C0E23C6F8F25, Artemis!BB5B222E53A0, Artemis!68761B6F8B35, Artemis!028BA108FCF0, Artemis!8D93C87D7277, Artemis!63E5E9F6EBE5, Artemis!DDF9A3AB6945, Artemis!AF94CCA6A6FC, Artemis!B63E490F9A95, Artemis!ADD8A127AC76, Artemis!4B07B45CBB7D
72.92%

Trend Micro House Call
TROJ_GE.3929168B, TROJ_GEN.F47V0527, Suspicious_GEN.F47V0612, Suspicious_GEN.F47V0618, Suspicious_GEN.F47V0715, Suspicious_GEN.F47V0716
70.83%

MicroWorld eScan
Trojan.GenericKD.1670554, Trojan.GenericKD.1714754, Gen:Variant.Kazy.394447, Application.Generic.686486, Gen:Variant.Application.SearchProtect.2, Adware.SearchProtect.O, Application.SearchProtect.R
68.75%

F-Secure
Trojan.GenericKD.1670554, Trojan.GenericKD.1714754, Gen:Variant.Kazy.394447, Application.Generic.686486, Gen:Variant.Application.SearchProtect
68.75%

Panda Antivirus
PUP/Conduit.A, Trj/Genetic.gen, Trj/Chgt.D, Trj/Chgt.F, Trj/Chgt.G, Trj/Chgt.I, Adware/Conduit
66.67%

IKARUS anti.virus
AdWare.SearchProtect, Trojan.SuspectCRC, PUA.SearchProtect, PUA.ClientConnect, PUA.Conduit.SearchProtect
66.67%

Lavasoft Ad-Aware
Trojan.GenericKD.1670554, Trojan.GenericKD.1714754, Gen:Variant.Kazy.394447, Application.Generic.686486, Gen:Variant.Application.SearchProtect.2
66.67%

The domain sp-storage.spccinta.com has been seen to resolve to the following 28 IP addresses.

23.1.0.180
a23-1-0-180.deploy.static.akamaitechnologies.com
July 18, 2016

172.232.156.161
a172-232-156-161.deploy.static.akamaitechnologies.com
July 8, 2016

23.1.127.98
a23-1-127-98.deploy.static.akamaitechnologies.com
July 4, 2016

23.56.189.175
a23-56-189-175.deploy.static.akamaitechnologies.com
June 7, 2016

172.232.17.12
a172-232-17-12.deploy.static.akamaitechnologies.com
May 21, 2016

23.198.0.219
a23-198-0-219.deploy.static.akamaitechnologies.com
April 18, 2016

23.77.164.32
a23-77-164-32.deploy.static.akamaitechnologies.com
April 13, 2016

104.105.87.115
a104-105-87-115.deploy.static.akamaitechnologies.com
March 2, 2016

23.56.208.62
a23-56-208-62.deploy.static.akamaitechnologies.com
February 20, 2016

184.50.45.76
a184-50-45-76.deploy.static.akamaitechnologies.com
February 9, 2016

23.37.2.139
a23-37-2-139.deploy.static.akamaitechnologies.com
January 5, 2016

172.231.225.215
a172-231-225-215.deploy.static.akamaitechnologies.com
January 5, 2016

23.218.89.215
a23-218-89-215.deploy.static.akamaitechnologies.com
January 5, 2016

23.203.152.90
a23-203-152-90.deploy.static.akamaitechnologies.com
January 5, 2016

23.202.223.98
a23-202-223-98.deploy.static.akamaitechnologies.com
January 5, 2016

23.67.221.209
a23-67-221-209.deploy.static.akamaitechnologies.com
January 5, 2016

23.13.65.195
a23-13-65-195.deploy.static.akamaitechnologies.com
January 5, 2016

172.232.171.175
a172-232-171-175.deploy.static.akamaitechnologies.com
January 4, 2016

104.70.99.8
a104-70-99-8.deploy.static.akamaitechnologies.com
January 4, 2016

172.230.4.61
a172-230-4-61.deploy.static.akamaitechnologies.com
January 4, 2016

23.63.248.76
a23-63-248-76.deploy.static.akamaitechnologies.com
January 4, 2016

23.209.88.94
a23-209-88-94.deploy.static.akamaitechnologies.com
January 4, 2016

104.95.23.168
a104-95-23-168.deploy.static.akamaitechnologies.com
January 4, 2016

172.231.150.30
a172-231-150-30.deploy.static.akamaitechnologies.com
January 4, 2016

23.8.140.109
a23-8-140-109.deploy.static.akamaitechnologies.com
January 3, 2016

23.78.240.117
a23-78-240-117.deploy.static.akamaitechnologies.com
January 2, 2016

23.218.120.63
a23-218-120-63.deploy.static.akamaitechnologies.com
January 2, 2016

23.196.84.127
a23-196-84-127.deploy.static.akamaitechnologies.com
July 1, 2015

File downloads found at URLs served by sp-storage.spccinta.com.

1 / 68      (Adware)
https://sp-storage.spccinta.com//.../spstub.exe  (ac5429c0a5e1ddf52d37b79f6e05555a)

1 / 68      (PUP)
http://sp-storage.spccinta.com//spidentifier/.../spidentifierimpl.exe  (2659133a40cd91829ea2545457d0c72e)

26 / 68    (Adware)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (be3daf698bcfc5f270cef2f8c0db018c)

1 / 68      (PUP)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (dac519ba70736442c6e3bdbb32a38000)

14 / 68    (Adware)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (f5c32fa9c269a3377155e5f69d5d5a2e)

1 / 68      (Adware)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (nslea04.tmp)

19 / 68    (Adware)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (63e5e9f6ebe52c6563503aebad789951)

26 / 68    (Adware)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (abfa4518c678e51bc703033e56910412)

19 / 68    (Adware)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (e506539cf22784ddeb35cfaebde9fe7c)

2 / 68      (false positives)
http://sp-storage.spccinta.com//.../spidentifierimpl.exe  (wrar420.exe)

26 / 68    (Adware)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (4b64336513be12b10b84927c8c923ce3)

19 / 68    (Adware)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (0dc7ec676ed9e5672fb8fe05fe1d5edf47619075f0b0e52b33a8ed7683b519ca)

26 / 68    (Adware)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (3a2ddd4f7b77e7d9b079d0c13ae7ce56)

20 / 68    (Adware)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (60c34b36a32fb118f44cb7bc137528eb)

18 / 68    (Adware)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (cca83cae56817c3df7d84b8d1ecfb8b2)

34 / 68    (Adware)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (cf142be7ca04beb2ce2854202174f3f4)

26 / 68    (Adware)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (fdb947bb04f805beaf3878916912cfdc)

24 / 68    (Adware)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (92a31b2cc71007938d5b61cc88584d1b)

19 / 68    (Adware)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (609bd67b39f95cde0032158af3463597)

25 / 68    (Adware)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (f90f4b576eb9aa29fba855388ea81d4a)

18 / 68    (PUP)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (0bef5fe2b6a3493c340c41a33dcc344d)

20 / 68    (Adware)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (8d93c87d7277393fff847e29b4084932)

26 / 68    (Adware)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (1c823021483f59ece7be97689d8643a4)

19 / 68    (Adware)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (ddf9a3ab6945f9c3ad6bfe2d5b26f45e)

12 / 68    (Adware)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (70a566e17fd76360bccc1eb6f6a528ff)

26 / 68    (Adware)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (8316a5a76f8ce57905e4a693954e81c2)

24 / 68    (Adware)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (69f0913d4106a76075ce40caaa253580)

8 / 68      (Adware)
http://sp-storage.spccinta.com/sp-downloader.exe  (ead5f87aa9a5f58b9503fe63424ab38c)

1 / 68      (Adware)
http://sp-storage.spccinta.com/.../spstub.vtsafe.exe  (spstub.exe)

41 / 68    (Adware)
http://sp-storage.spccinta.com/Installer/.../SPSetup.exe  (a2470cfd7bf180741c859d286269069d)

 
Latest 30 of 87 download URLs

The following 5 files have been seen to comunicate with sp-storage.spccinta.com in live environments.

TCP » 172.231.150.30:443
avga8fd.exe (SilentInstaller)

TCP » 23.203.152.90:443
spdownloader.exe (by Conduit)

TCP » 23.203.152.90:443
proxyinstaller.exe

TCP » 23.209.88.94:80
PastaLeadsService.exe (PastaLeadsService)

TCP » 23.218.89.215:80
nsw13.exe (by Client Connect)

URL:
http://sp-storage.spccinta.com/

SSL certificate subject:
CN=*.spccinta.com, OU=IT, O=ClientConnect LTD, L=Foster City, S=CA, C=US

SSL certificate issuer:
CN=Verizon Akamai SureServer CA G14-SHA2, OU=Cybertrust, O=Verizon Enterprise Solutions, L=Amsterdam, C=NL

Web server:
Microsoft-IIS/7.5 (ASP.NET)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.