home

www.plateau-technologies.com

Moniker Privacy Services  (Proxy Registrant)

Domain Information

The domain www.plateau-technologies.com is registered by proxy through Moniker Online Services and was originally registered in May of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
Moniker Online Services

Server location:
Virginia, United States (US)

Create date:
Wednesday, May 21, 2014

Expires date:
Saturday, May 21, 2016

Updated date:
Friday, December 18, 2015

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Root domain:
plateau-technologies.com

Whois:
1 plateau-technologies.com record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Wajam.preverttechnology.Installer (M), PUP.Wajam.preverttechnology (M), PUP.Wajam.yvonlheureuxtechnology.Meta (M), Threat.Win.Reputation.IMP
96.97%

NANO AntiVirus
Trojan.Nsis.Wajam.dqgtqq
33.33%

F-Prot
W32/MSIL_Injector.AE.gen
33.33%

G Data
NSIS.Application.Wajam
33.33%

Vba32 AntiVirus
TrojanSpy.Agent, suspected of Trojan.Downloader.gen.h
33.33%

Rising Antivirus
NS:Adware.BrAppWare NS!1.A17E [F]
33.33%

Malwarebytes
PUP.Optional.Wajam
30.30%

Zillya! Antivirus
Trojan.Agent.Win32.573411, Adware.BrowseFox.Win32.184656
30.30%

VIPRE Antivirus
Wajamu, Threat.4895337
30.30%

Qihoo 360 Security
HEUR/QVM42.0.Malware.Gen, Win32/Virus.Adware.fb4
30.30%

Dr.Web
Adware.Wajam.64
24.24%

Bkav FE
W32.HfsAdware
21.21%

Avira AntiVirus
TR/Dropper.Gen, ADWARE/Wajam.A.18772, ADWARE/Wajam.A.18704, ADWARE/Wajam.A.19290, ADWARE/Wajam.4054408
15.15%

IKARUS anti.virus
PUA.Wajam, Trojan-Spy.Win32.Agent, not-a-virus:Downloader.Wajam
9.09%

K7 AntiVirus
Riskware
6.06%

The domain www.plateau-technologies.com has been seen to resolve to the following IP address.

54.208.23.129
ec2-54-208-23-129.compute-1.amazonaws.com
January 4, 2016

File downloads found at URLs served by www.plateau-technologies.com.

1 / 68      (PUP)
http://www.plateau-technologies.com/.../WWE_1.54.1.20.exe  (awhaba9.tmp)

1 / 68      (PUP)
http://www.plateau-technologies.com/.../WWE_1.54.2.5.exe  (wwe_1.54.1.13.exe)

12 / 68    (PUP)
http://www.plateau-technologies.com/.../WWE_1.58.1.20.exe  (optin.php)

1 / 68      (PUP)
http://www.plateau-technologies.com/.../WWE_1.56.1.5.exe  (awh3047.tmp)

1 / 68      (PUP)
http://www.plateau-technologies.com/.../WWE_1.56.1.8.exe  (wwe_1.54.1.13.exe)

11 / 68    (PUP)
http://www.plateau-technologies.com/.../WWE_1.54.1.16.exe  (pbvc19y26j.exe)

12 / 68    (PUP)
http://www.plateau-technologies.com/.../WWE_1.57.1.20.exe  (wwe_1.54.1.13.exe)

13 / 68    (PUP)
http://www.plateau-technologies.com/.../WWE_1.57.1.19.exe  (wajam_install.exe)

1 / 68      (PUP)
http://www.plateau-technologies.com/.../WWE_1.54.1.13.exe  (wj.exe)

1 / 68      (PUP)
http://www.plateau-technologies.com/.../WWE_1.57.1.30.exe  (yrugphb7na.exe)

10 / 68    (PUP)
http://www.plateau-technologies.com/.../WWE_1.55.1.24.exe  (459d-7583-5534-6bef.exe)

13 / 68    (PUP)
http://www.plateau-technologies.com/.../WWE_1.57.1.15.exe  (acb4ee90b9c343e2affa04bf623edfc7)

1 / 68      (PUP)
http://www.plateau-technologies.com/.../WWE_1.54.1.15.exe  (awh578b.tmp)

1 / 68      (PUP)
http://www.plateau-technologies.com/.../WWE_1.54.1.14.exe  (wwe_1.54.1.13.exe)

1 / 68      (Malware)
http://www.plateau-technologies.com/.../WWE_1.58.101.25.exe  (wwe_1.57.1.30.exe)

1 / 68      (PUP)
http://www.plateau-technologies.com/.../WWE_1.57.1.9.exe  (wwe_1.54.1.13.exe)

1 / 68      (PUP)
http://www.plateau-technologies.com/.../WWE_1.56.1.6.exe  (oxmlwn3ldh.exe)

15 / 68    (PUP)
http://www.plateau-technologies.com/.../WWE_1.57.1.29.exe  (wwe_1.54.1.13.exe)

1 / 68      (PUP)
http://www.plateau-technologies.com/.../WWE_1.55.1.21.exe  (wwe_1.54.1.13.exe)

1 / 68      (PUP)
http://www.plateau-technologies.com/.../WWE_1.55.1.15.exe  (wj.exe)

1 / 68      (Malware)
http://www.plateau-technologies.com/.../WWE_1.58.101.26.exe  (wepbk97zzn.exe)

1 / 68      (PUP)
http://www.plateau-technologies.com/.../WWE_1.57.1.5.exe  (awh938a.tmp)

1 / 68      (PUP)
http://www.plateau-technologies.com/.../WWE_1.55.1.20.exe  (muqk1sq24d.exe)

10 / 68    (PUP)
http://www.plateau-technologies.com/.../WWE_1.56.1.7.exe  (165c4fa595c1c933a58fbd9b4efb2ba0)

1 / 68      (PUP)
http://www.plateau-technologies.com/.../WWE_1.55.1.19.exe  (wwe_1.54.1.13.exe)

1 / 68      (PUP)
http://www.plateau-technologies.com/.../WWE_1.54.2.3.exe  (wwe_1.54.1.13.exe)

1 / 68      (PUP)
http://www.plateau-technologies.com/.../WWE_1.57.1.6.exe  (rrrf0exvgj.exe)

13 / 68    (PUP)
http://www.plateau-technologies.com/.../WWE_1.57.1.22.exe  (c85f328e77fb34ab0678c5e3479b64fd)

14 / 68    (PUP)
http://www.plateau-technologies.com/.../WWE_1.57.1.25.exe  (0810z9bcoh.exe)

1 / 68      (PUP)
http://www.plateau-technologies.com/.../WWE_1.58.101.6.exe  (wj.exe)

 
Latest 30 of 33 download URLs

The following 38 files have been seen to comunicate with www.plateau-technologies.com in live environments.

TCP » 54.208.23.129:80
stub4_install.exe

TCP » 54.208.23.129:80
wajam_download.exe (Wajam)

TCP » 54.208.23.129:80
klcp_update_1111_20150422_dlm.exe

TCP » 54.208.23.129:80
9cd73ac62857d9616a0d2c7707f2007a.exe

TCP » 54.208.23.129:80
garrys mod.exe

TCP » 54.208.23.129:80
setup.exe

TCP » 54.208.23.129:80
horizon-setup.exe

TCP » 54.208.23.129:80
legalsuitecasemanagementsoftware-setup.exe

TCP » 54.208.23.129:80
ie-update.exe

TCP » 54.208.23.129:80
6fbec206621ee896f42e252f2f798e48.exe

TCP » 54.208.23.129:80
30ff1081c40b5d07b75e2c5863df151d.exe

TCP » 54.208.23.129:80
setup.exe

TCP » 54.208.23.129:80
54ff18870766c80cb793c411ff65cb44.exe

TCP » 54.208.23.129:80
6005c67578eb5f4e58bee998f799f484.exe

TCP » 54.208.23.129:80
63ea81004c380edad21a6b722ffd728d.exe

TCP » 54.208.23.129:80
installer_adobe_flash_player_english.exe

TCP » 54.208.23.129:80
6314af5ed496dba06362c6c1698ded89.exe

TCP » 54.208.23.129:80
vobsub_2.23_downloader.exe

TCP » 54.208.23.129:80
freeeasycddvdburner-setup.exe

TCP » 54.208.23.129:80
setup.exe

 
Latest 20 of 38 files

URL:
http://www.plateau-technologies.com/

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
Apache/2.2.14 (Ubuntu) (PHP/5.3.2-1ubuntu4.19)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.