home

www.gomplayer.tw

Domain Information

Server location:
Washington, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:
gomplayer.tw

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.GRETECH.GretechC.Installer.Meta (L)
100.00%

The domain www.gomplayer.tw has been seen to resolve to the following 18 IP addresses.

52.85.131.20
server-52-85-131-20.iad53.r.cloudfront.net
April 6, 2016

52.85.131.205
server-52-85-131-205.iad53.r.cloudfront.net
April 6, 2016

52.85.131.169
server-52-85-131-169.iad53.r.cloudfront.net
April 6, 2016

52.85.131.154
server-52-85-131-154.iad53.r.cloudfront.net
April 6, 2016

52.85.131.134
server-52-85-131-134.iad53.r.cloudfront.net
April 6, 2016

52.85.131.104
server-52-85-131-104.iad53.r.cloudfront.net
April 6, 2016

52.85.131.101
server-52-85-131-101.iad53.r.cloudfront.net
April 6, 2016

52.85.131.80
server-52-85-131-80.iad53.r.cloudfront.net
April 6, 2016

54.230.39.12
server-54-230-39-12.jfk1.r.cloudfront.net
May 5, 2015

54.230.38.123
server-54-230-38-123.jfk1.r.cloudfront.net
May 5, 2015

54.230.38.100
server-54-230-38-100.jfk1.r.cloudfront.net
May 5, 2015

54.230.38.102
server-54-230-38-102.jfk1.r.cloudfront.net
May 5, 2015

54.230.38.101
server-54-230-38-101.jfk1.r.cloudfront.net
May 5, 2015

54.230.37.173
server-54-230-37-173.jfk1.r.cloudfront.net
May 5, 2015

54.230.36.170
May 5, 2015

54.230.39.207
server-54-230-39-207.jfk1.r.cloudfront.net
May 5, 2015

38.109.102.175
April 16, 2014

38.109.102.179
April 16, 2014

File downloads found at URLs served by www.gomplayer.tw.

1 / 68      (PUP)
http://www.gomplayer.tw/.../GOMPLAYERTWSETUP.EXE  (d37762e7b48d06f9a6c45af7522a15b2)

1 / 68      (PUP)
http://www.gomplayer.tw/.../GOMPLAYERTWSETUP.EXE  (2e80a54680bb971a70aecbe332bbe202)

1 / 68      (PUP)
http://www.gomplayer.tw/.../GOMPLAYERTWSETUP.EXE  (5b8e76e6c55daf36dc8a386f4f599a48)

The following 10 files have been seen to comunicate with www.gomplayer.tw in live environments.

TCP » 54.230.37.173:80
DriverAssist.exe

TCP » 54.230.37.173:443
browser.exe (Browser)

TCP » 54.230.37.173:80
appmarket.crx

TCP » 54.230.37.173:80
geniecleaner.exe (Genie Cleaner by Mobogenie.com)

TCP » 54.230.37.173:80
Weather.exe (WeatherBug Desktop by AWS Convergence Technologies)

TCP » 54.230.37.173:443
ManyCam.exe (ManyCam Virtual Webcam by Visicom Media)

TCP » 54.230.38.100:80
dcytdieamodc_amodc_setup.exe

TCP » 54.230.38.101:80
4efece5b5586ee29871717baacdf4c7b.exe

TCP » 54.230.38.123:80
conhost.exe (Console Window Host)

TCP » 54.230.39.12:443
4efece5b5586ee29871717baacdf4c7b.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.