The domain 1.735322.getsecureinstall.com registered by Whois Privacy Corp. was initially registered in March of 2014 through INTERNET.BS CORP.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dublin, Dublin City within Ireland which resides on the Amazon Technologies Inc. network.
Registrant:
Whois Privacy Corp.
Registrar:
INTERNET DOMAIN SERVICE BS CORP
Server location:
Dublin City, Ireland (IE)
Create date:
Monday, March 31, 2014
Expires date:
Thursday, March 31, 2016
Updated date:
Wednesday, December 2, 2015
ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US
Scanner detections:
Detections (100% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.Installer.WARPINSTALL.N, PUP.Installer.Adknowledge, PUP.Adknowledge.WARPINSTALL.Installer (M), PUP.Adknowledge.WARPINSTALLER.Installer (M), PUP.Adknowledge.WARPINST.Bundler (M), PUP.Adknowledge (M)
100.00%
Avira AntiVirus
Adware/iBryte.bxjq, Adware/iBryte.bxoq, Adware/iBryte.bxjz, ADWARE/Adware.Gen7
65.63%
Malwarebytes
PUP.Optional.OptimumInstaller.A
62.50%
K7 AntiVirus
Unwanted-Program
62.50%
NANO AntiVirus
Trojan.Win32.IBryte.cwbnyw, Trojan.Win32.IBryte.cwgube, Trojan.Win32.Agent.cxjjsz
62.50%
Kaspersky
not-a-virus:Downloader.Win32.Agent, HEUR:Trojan.Win32.Generic, Trojan.Win32.Badur
62.50%
Sophos
iBryte Optimum Installer, PUA 'iBryte Optimum Installer'
62.50%
Comodo Security
Application.Win32.IBryte.U, Application.Win32.iBryte.WRP
62.50%
VIPRE Antivirus
Optimum Installer, Trojan.Win32.Generic, Threat.4150696, Threat.4778314
62.50%
Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h, Downloader.Agent, AdWare.iBryte
62.50%
Rising Antivirus
PE:Malware.Agent!6.175E, PE:Malware.Agent!6.162B, PE:Malware.iBryte!6.192B
62.50%
AVG
Adware AdPlugin, Win.Threat.Medium, Adware AdPlugin.FF, Adware AdPlugin.DQ, Adware AdPlugin.DL, Adware AdPlugin.FG
62.50%
avast!
Win32:Somoto-N [PUP], Win32:PUP-gen [PUP], Win32:Adware-gen [Adw], Win32:IBryte-CY [PUP]
62.50%
IKARUS anti.virus
not-a-virus:Downloader.Win32.Agent, AdWare.iBryte
62.50%
Dr.Web
Trojan.DownLoader9.59568, Trojan.DownLoader9ENT.53807, Trojan.DownLoader9.59548, Trojan.DownLoader9.59480, Trojan.Packed.28561
62.50%
The domain 1.735322.getsecureinstall.com has been seen to resolve to the following 5 IP addresses.
ns1.ibspark.com
April 2, 2016
ec2-54-243-244-249.compute-1.amazonaws.com
September 9, 2014
ec2-23-21-189-120.compute-1.amazonaws.com
September 9, 2014
ec2-23-21-100-173.compute-1.amazonaws.com
May 10, 2014
ec2-50-17-234-52.compute-1.amazonaws.com
April 20, 2014
File downloads found at URLs served by 1.735322.getsecureinstall.com.
The following 142 files have been seen to comunicate with 1.735322.getsecureinstall.com in live environments.
URL:
http://1.735322.getsecureinstall.com/
Title:
“getsecureinstall.com”