cojun15cart.com(HTTP Malware Hosted In United States Ashburn Amazon.com Inc.)

cojun15cart.com 23.22.255.164

Description :

Contains anti-debugging code
It makes use of some deprecated flags in the Characteristics field of FileHeader
PE section has SizeOfRawData set to zero

 Behaviours :

Automatically unpack its own code
Deletes itself
Deletes itself after reboot
Drops .EXE file
Manipulates Internet Explorer settings
Runs existing executable
Suspicious delay

 TCP Connections

Type Send :

C:cicaafbwww.exe (v. 1.0.0.0) 50.97.234.3:80  hxxp://cojun15cart.com/download.php?kHmEcWk=

 Hosting Infos :
 http://whois.domaintools.com/23.22.255.164