1.735322.getsecureinstall.com

Whois Privacy Corp.

Domain Information

The domain 1.735322.getsecureinstall.com registered by Whois Privacy Corp. was initially registered in March of 2014 through INTERNET.BS CORP.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dublin, Dublin City within Ireland which resides on the Amazon Technologies Inc. network.
Registrar:
INTERNET DOMAIN SERVICE BS CORP

Server location:
Dublin City, Ireland (IE)

Create date:
Monday, March 31, 2014

Expires date:
Thursday, March 31, 2016

Updated date:
Wednesday, December 02, 2015

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.WARPINSTALL.N, PUP.Installer.Adknowledge, PUP.Adknowledge.WARPINSTALL.Installer (M), PUP.Adknowledge.WARPINSTALLER.Installer (M), PUP.Adknowledge.WARPINST.Bundler (M), PUP.Adknowledge (M)
100.00%

Avira AntiVirus
Adware/iBryte.bxjq, Adware/iBryte.bxoq, Adware/iBryte.bxjz, ADWARE/Adware.Gen7
65.63%

Malwarebytes
PUP.Optional.OptimumInstaller.A
62.50%

K7 AntiVirus
Unwanted-Program
62.50%

K7 Gateway Antivirus
Unwanted-Program
62.50%

NANO AntiVirus
Trojan.Win32.IBryte.cwbnyw, Trojan.Win32.IBryte.cwgube, Trojan.Win32.Agent.cxjjsz
62.50%

Kaspersky
not-a-virus:Downloader.Win32.Agent, HEUR:Trojan.Win32.Generic, Trojan.Win32.Badur
62.50%

Sophos
iBryte Optimum Installer, PUA 'iBryte Optimum Installer'
62.50%

Comodo Security
Application.Win32.IBryte.U, Application.Win32.iBryte.WRP
62.50%

VIPRE Antivirus
Optimum Installer, Trojan.Win32.Generic, Threat.4150696, Threat.4778314
62.50%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h, Downloader.Agent, AdWare.iBryte
62.50%

Rising Antivirus
PE:Malware.Agent!6.175E, PE:Malware.Agent!6.162B, PE:Malware.iBryte!6.192B
62.50%

AVG
Adware AdPlugin, Win.Threat.Medium, Adware AdPlugin.FF, Adware AdPlugin.DQ, Adware AdPlugin.DL, Adware AdPlugin.FG
62.50%

avast!
Win32:Somoto-N [PUP], Win32:PUP-gen [PUP], Win32:Adware-gen [Adw], Win32:IBryte-CY [PUP]
62.50%

Kingsoft AntiVirus
Win32.Troj.DownAgent.bk.(kcloud), Win32.Troj.Badur.hr.(kcloud)
62.50%

The domain 1.735322.getsecureinstall.com has been seen to resolve to the following 5 IP addresses.

ns1.ibspark.com
April 2, 2016

ec2-54-243-244-249.compute-1.amazonaws.com
September 9, 2014

ec2-23-21-189-120.compute-1.amazonaws.com
September 9, 2014

ec2-23-21-100-173.compute-1.amazonaws.com
May 10, 2014

ec2-50-17-234-52.compute-1.amazonaws.com
April 20, 2014

File downloads found at URLs served by 1.735322.getsecureinstall.com.

1 / 68      (Adware)

1 / 68      (Adware)
http://1.735322.getsecureinstall.com/o/.../Setup.exe  (2cd5a0ab154a55f765d8edd76aaf2f8d)

The following 142 files have been seen to comunicate with 1.735322.getsecureinstall.com in live environments.

 
Latest 20 of 154 files

URL:
http://1.735322.getsecureinstall.com/

Title:
“getsecureinstall.com”

Web server:
nginx