ttb.mediaplayertotal.com

China Capital Investment Limited

Domain Information

The domain ttb.mediaplayertotal.com registered by China Capital Investment Limited was initially registered in December of 2015 through SOLUCIONES CORPORATIVAS IP,SLU. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Portland, Oregon within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the US West (Oregon) region datacenter.
Registrar:
INTERWEB ADVERTISING D.B.A. PROFILE BUILDER

Server location:
Oregon, United States (US)

Create date:
Tuesday, December 08, 2015

Expires date:
Thursday, December 08, 2016

Updated date:
Tuesday, December 08, 2015

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.tuguusl.M, PUP.Installer.TuguuSL.F, Threat.Tuguu.Bundler, PUP.Tuguu.TuguuSL.Bundler (M), PUP.Air Software.AirSoftware.Bundler (M), PUP.Tuguu.Bundler (M), PUP.Tuguu.TuguuIsrael.Bundler (M), PUP.Tuguu.TuguuU.Bundler (M), PUP.Tuguu.TuguuIsr.Bundler (M), PUP.Air Software.AirSoftw.Bundler (M), PUP.Softpulse (M)
94.44%

Dr.Web
Adware.Downware.1823, Adware.Downware.2035, Trojan.PackedENT.24553
16.67%

VIPRE Antivirus
Threat.4150696, Iminent, Threat.4657539
16.67%

McAfee
Adware-DomaIQ, Program.Adware-DomaIQ
11.11%

avast!
Win32:DomaIQ-CM [PUP], Win32:Installer-L [PUP]
11.11%

ESET NOD32
Win32/DomaIQ.AS potentially unwanted application, MSIL/DomaIQ.B potentially unwanted application
11.11%

AVG
Adware Skodna.Generic_r
11.11%

Kaspersky
not-a-virus:AdWare.Win32.Lollipop, not-a-virus:AdWare.Win32.AirAdInstaller
11.11%

Malwarebytes
PUP.Optional.BundleInstaller.A, PUP.Optional.AirAdInstaller
11.11%

K7 Gateway Antivirus
Unwanted-Program
11.11%

K7 AntiVirus
Unwanted-Program
11.11%

Comodo Security
Application.Win32.Agent.D, Application.Win32.AirAdInstaller.A
11.11%

Sophos
PUA 'DomainIQ pay-per install', AirInstaller
11.11%

Antiy Labs AVL
GrayWare[AdWare:not-a-virus]/Win32.Lollipop.qn, Trojan[:HEUR]/Win32.AGeneric
11.11%

Kingsoft AntiVirus
Win32.Troj.DomaIQ.e.(kcloud), Win32.Troj.AirAdInstall.bb.(kcloud)
11.11%

The domain ttb.mediaplayertotal.com has been seen to resolve to the following 7 IP addresses.

192.230.92.93.ip.incapdns.net
September 15, 2016

199.83.132.93.ip.incapdns.net
July 21, 2016

April 9, 2016

50-56-218-189.static.cloud-ips.com
February 13, 2016

ec2-54-149-159-30.us-west-2.compute.amazonaws.com
May 5, 2015

ec2-52-10-156-255.us-west-2.compute.amazonaws.com
May 5, 2015

ec2-54-218-45-67.us-west-2.compute.amazonaws.com
January 6, 2014

File downloads found at URLs served by ttb.mediaplayertotal.com.

The following 64 files have been seen to comunicate with ttb.mediaplayertotal.com in live environments.

 
Latest 20 of 67 files

URL:
http://ttb.mediaplayertotal.com/

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx/1.8.1