home

storage.stgbssint.com

Perion Network Ltd.

Domain Information

The domain storage.stgbssint.com registered by Client Connect Ltd. was initially registered in December of 2013 through GODADDY.COM, LLC. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in London, England within United Kingdom which resides on the RIPE Network Coordination Centre network. The domain is associated with the publisher Perion Network Ltd. who is located in Tel Aviv, Israel.
Registrar:
GODADDY.COM, LLC

Server location:
England, United Kingdom (GB)

Create date:
Tuesday, December 17, 2013

Expires date:
Sunday, January 1, 2017

Updated date:
Tuesday, January 6, 2015

ASN:
AS1273 CW Vodafone Ltd, GB

Root domain:
stgbssint.com

Whois:
1 stgbssint.com record

Scanner detections:
Detections  (95% detected)

Scan engine
Details
Detections

Reason Heuristics
SearchPlugin.ConduitSearchBar.ToolbarAutoUpdateDll.T, PUP.Conduit.X, PUP.Startup.Conduit.K, PUP.Startup.ClientConnect.K, PUP.Conduit.ClientConnect (M), PUP.Conduit.ClientCo (M), Win32.Generic, PUP.Conduit.Meta (M), PUP.Conduit (M)
97.30%

ESET NOD32
Win32/Toolbar.Conduit, Win32/Toolbar.Conduit (variant), Win32/Conduit.SearchProtect (variant), Win32/ClientConnect (variant)
45.95%

VIPRE Antivirus
Conduit
43.24%

Dr.Web
Adware.Downware.1730, Adware.Conduit.3, MULDROP.Trojan, Adware.Conduit.114, Adware.Conduit.42, Adware.Conduit.45, Adware.Conduit.181
37.84%

Baidu Antivirus
Adware.Win32.Conduit, Adware.Win32.SearchProtect, PUA.Win32.Conduit.bSearchProtect
35.14%

Trend Micro House Call
TROJ_GEN.F47V0317, TROJ_GEN.F47V0601, TROJ_GEN.F47V0218, Suspicious_GEN.F47V1125, Suspicious_GEN.F47V1228
32.43%

McAfee
Artemis!94B13CA31F62, Artemis!B400DCF36EE5, Artemis!3A3922BC16FB, Artemis!08A1462AC003, Artemis!56DEC75A290F, Artemis!4DC254CE0981
29.73%

IKARUS anti.virus
PUP.ClientConnect, PUA.ClientConnect, PUA.Conduit.SearchProtect
27.03%

Avira AntiVirus
TR/Trash.Gen, PUA/SearchProtect.Gen
18.92%

Malwarebytes
PUP.Optional.Conduit, PUP.Optional.ClientConnect
16.22%

SUPERAntiSpyware
Trojan.Agent/Gen-Nullo[Short]
16.22%

Fortinet FortiGate
Riskware/Toolbar_Conduit, Riskware/Conduit_SearchProtect, Riskware/Agent
10.81%

G Data
Application.SearchProtect.AD, Win32.Application.ClientConnectConduitDL, Win32.Application.SearchProtect.AJ
10.81%

Kaspersky
not-a-virus:WebToolbar.Win32.Agent
8.11%

Qihoo 360 Security
Win32/Virus.WebToolbar.48f
8.11%

The domain storage.stgbssint.com has been seen to resolve to the following 14 IP addresses.

95.101.18.51
a95-101-18-51.deploy.akamaitechnologies.com
August 30, 2016

92.123.98.192
a92-123-98-192.deploy.akamaitechnologies.com
June 4, 2016

23.51.216.220
a23-51-216-220.deploy.static.akamaitechnologies.com
May 18, 2016

104.82.167.154
a104-82-167-154.deploy.static.akamaitechnologies.com
April 16, 2016

184.86.91.85
a184-86-91-85.deploy.static.akamaitechnologies.com
April 14, 2016

104.66.252.230
a104-66-252-230.deploy.static.akamaitechnologies.com
April 14, 2016

23.214.39.171
a23-214-39-171.deploy.static.akamaitechnologies.com
March 2, 2016

23.9.122.224
a23-9-122-224.deploy.static.akamaitechnologies.com
February 10, 2016

104.93.196.91
a104-93-196-91.deploy.static.akamaitechnologies.com
February 4, 2016

104.82.185.234
a104-82-185-234.deploy.static.akamaitechnologies.com
January 4, 2016

23.67.89.26
a23-67-89-26.deploy.static.akamaitechnologies.com
January 4, 2016

2.22.67.63
January 3, 2016

23.214.151.228
a23-214-151-228.deploy.static.akamaitechnologies.com
January 2, 2016

172.229.236.170
a172-229-236-170.deploy.static.akamaitechnologies.com
September 4, 2014

File downloads found at URLs served by storage.stgbssint.com.

9 / 68      (PUP)
http://storage.stgbssint.com/TBNewTabSupport/SPAU/.../MiniSP.dll  (84bd5af7f0943bae43096de28e7a8737)

5 / 68      (PUP)
http://storage.stgbssint.com/IEBackgroundContainer/TBUpdaterLogic/.../TBUpdaterLogic.dll  (tbupdaterlogic_1.0.0.2.dll)

10 / 68    (Adware)
http://storage.stgbssint.com/TBNewTabSupport/TBSupportAU/.../APISupport.dll  (179b515a61e6d0c038dff57e0cec1a65)

1 / 68      (inconclusive)
http://storage.stgbssint.com/TBNewTabSupport/SPAU/1.0.4.9/.../MiniSP32.dll  (71c20de5ec220e8dae5ffc56875c3c77)

1 / 68      (Adware)
http://storage.stgbssint.com/IEBackgroundContainer/TBUpdaterLogic/.../TBUpdaterLogic.dll  (tbupdaterlogic_4.0.0.2.dll)

1 / 68      (Adware)
http://storage.stgbssint.com/TBNewTabSupport/SPAU/1.1.7.31/.../MiniSPWin32.dll  (0c41b6c0419776f3da65cc4bda2bd0d2)

2 / 68      (false positives)
http://storage.stgbssint.com/TBNewTabSupport/SPAU/.../MiniSP.dll  (wrar420.exe)

1 / 68      (PUP)
http://storage.stgbssint.com/TBNewTabSupport/TBSupportAU/.../APISupport.dll  (26825678febd7c5170a8e2feded687f3)

2 / 68      (false positives)
http://storage.stgbssint.com/TBNewTabSupport/TBSupportAU/.../APISupport.dll  (wrar420.exe)

9 / 68      (PUP)
http://storage.stgbssint.com/TBNewTabSupport/TBSupportAU/.../APISupport.dll  (94b13ca31f6231952af7217b54ee6a78)

1 / 68      (Adware)
http://storage.stgbssint.com/TBNewTabSupport/SPAU/1.0.7.8/.../MiniSPWin32.dll  (91572f6fae4347be620c3a85cd99a916)

1 / 68      (Adware)
http://storage.stgbssint.com/TBNewTabSupport/SPAU/1.1.5.26/.../MiniSPWin32.dll  (5b94568c33b0e53db203e0d837a84048)

21 / 68    (Adware)
http://storage.stgbssint.com/TBNewTabSupport/TBSupportAU/.../APISupport.dll  (c9980506cd7231b87c7a15f494c5b1d3)

1 / 68      (Adware)
http://storage.stgbssint.com/TBNewTabSupport/SPAU/1.1.3.15/.../MiniSPWin32.dll  (d4aa7e6137e10d6d94e9a221e4aa45c1)

1 / 68      (PUP)
http://storage.stgbssint.com/IEBackgroundContainer/TBUpdaterLogic/.../TBUpdaterLogic.dll  (2de057cf561c70a451001b5b8ee49406)

11 / 68    (Adware)
http://storage.stgbssint.com/TBNewTabSupport/TBSupportAU/.../APISupport.dll  (dd1e0296b9a3fe5c6446c00dd073075c)

21 / 68    (Adware)
http://storage.stgbssint.com/TBNewTabSupport/TBSupportAU/.../APISupport.dll  (c9980506cd7231b87c7a15f494c5b1d3)

10 / 68    (Adware)
http://storage.stgbssint.com/TBNewTabSupport/TBSupportAU/.../APISupport.dll  (23611f2d172f8b47b0497eec2560cc1b)

1 / 68      (Adware)
http://storage.stgbssint.com/TBNewTabSupport/SPAU/1.1.1.5/.../MiniSPWin32.dll  (8c234a41e7f2576e67fcf85c44cd7eae)

1 / 68      (Adware)
http://storage.stgbssint.com/TBNewTabSupport/SPAU/1.1.2.2/.../MiniSPWin32.dll  (898c727fed414311b0b60a5261eed593)

16 / 68    (Adware)
http://storage.stgbssint.com/TBNewTabSupport/SPAU/1.0.2.182/.../MiniSP32.dll  (db6c7e2dca35dfef9a18ce375bb4a573)

1 / 68      (PUP)
http://storage.stgbssint.com/IEBackgroundContainer/TBUpdaterLogic/.../TBUpdaterLogic.dll  (tbupdaterlogic_5.0.0.1.dll)

11 / 68    (Adware)
http://storage.stgbssint.com/TBNewTabSupport/TBSupportAU/.../APISupport.dll  (dd1e0296b9a3fe5c6446c00dd073075c)

7 / 68      (PUP)
http://storage.stgbssint.com/ps/utilities/.../mchecktbexist.exe  (sweetiminstallvalidator.exe)

1 / 68      (Adware)
http://storage.stgbssint.com/IEBackgroundContainer/TBUpdaterLogic/.../TBUpdaterLogic.dll  (tbupdaterlogic_4.0.0.1.dll)

1 / 68      (Adware)
http://storage.stgbssint.com/TBNewTabSupport/SPAU/1.1.7.34/.../MiniSPWin32.dll  (d4aa7e6137e10d6d94e9a221e4aa45c1)

1 / 68      (Adware)
http://storage.stgbssint.com/TBNewTabSupport/SPAU/1.0.2.178/.../MiniSP32.dll  (c04ef1dfd6a9be43b40ee622eb60da5a)

6 / 68      (Adware)
http://storage.stgbssint.com/ps/.../ccinstaller.exe  (08a1462ac003ce4c39ce9afbc5716272)

11 / 68    (Adware)
http://storage.stgbssint.com/TBNewTabSupport/TBSupportAU/.../APISupport.dll  (dd1e0296b9a3fe5c6446c00dd073075c)

17 / 68    (Adware)
http://storage.stgbssint.com/TBNewTabSupport/SPAU/1.1.0.8/.../MiniSPWin32.dll  (b21a898bb1d9c61cd0754c05759101d5)

 
Latest 30 of 198 download URLs

The following 11 files have been seen to comunicate with storage.stgbssint.com in live environments.

TCP » 172.229.236.170:80
67dccfc125ef18d351bba9618c97d74dc0c239198947086bd188f93fd756ffb3

TCP » 172.229.236.170:80
5ed4925a746d24795f91c76d9e860b5ef73d0639e97eee0bc617c51e71e3cc36

TCP » 172.229.236.170:80
5e1fa1ad172292a63a7170d47d92b901e9cadcaf150c702ae3e05543f0f30ef0

TCP » 172.229.236.170:80
383e9bc764a79420231e045f80077ebda1afd7ddc2dd1e9c7176f673b2ede8b3

TCP » 172.229.236.170:80
26e0cb92eebc4398cc88543767e9073d73382069ca42fea6b02be77bd6a040c2

TCP » 172.229.236.170:80
0ea01903514010a2e6a5d6f2da96094de840ad4aad1f93e4ec26b2c30455afc4

TCP » 172.229.236.170:80
074aba82666040a3c3f4866173aa5c4a6c5bfa442ef405b482dc55f486b32235

TCP » 172.229.236.170:80
084f9b164e25f31d2fcb589d0416389ae69059fb3289292415123be17b464ff6

TCP » 172.229.236.170:80
0032a3c7c756897e17f3b8d60dfcc43e3a10f512d856efdab51365edd28e37e6

TCP » 172.229.236.170:80
2de2f6dfa3e3fdbf8b5cb47a9e2098826d5b4e8babdb762eecfab72160263f9f

TCP » 172.229.236.170:80
ism.exe (Installation Service Module by ClientConnect)

URL:
http://storage.stgbssint.com/

SSL certificate subject:
CN=*.stgbssint.com, OU=IT, O=Acquisio Inc., L=Foster City, S=CA, C=US

SSL certificate issuer:
CN=Verizon Akamai SureServer CA G14-SHA1, OU=Cybertrust, O=Verizon Enterprise Solutions, L=Amsterdam, C=NL

Web server:
BigIP

perion.com

codefuel.com

guardi.us

fileparade.com

incredibar.com

better-search.net

software-watcher.com

soft-now.com

soft-now.net

databssint.com

spccint.com

drive-files-a.com

drive-files-b.com

drive-files-c.com

trovigo.com

guard-search.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.