3.track342ut.com

Domains By Proxy, LLC (Proxy Registrant)

Domain Information

The domain 3.track342ut.com is registered by proxy through GODADDY.COM, LLC and was originally registered in January of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are located in Ashburn, Virginia, in the United States, on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.

Registrar: GODADDY.COM, LLC

Server location: Virginia, United States (US)

Create date: Tuesday, January 14, 2014

Expires date: Wednesday, January 14, 2015

Updated date: Wednesday, January 15, 2014

ASN: AS14618 AMAZON-AES - Amazon.com, Inc.,US

Root domain:

Scanner detections:
Detections (100% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.Installer.AppsInstallerSL.E, PUP.Installer.PopelerSystemsl.E, PUP.Installer.CondestilDevelopmentssl.E, PUP.Solimba.Firseria.Bundler (M), PUP.Solimba.AppsInstaller.Installer (M), PUP.Solimba.CondestilDevelopments (M), PUP.Solimba.CondestilDevelopments.Installer (M), PUP.Solimba.Condesti.Installer (M), PUP.Solimba.Condesti.Bundler (M), PUP.Solimba.AppsInst.Bundler (M), PUP.Solimba.Condesti (M), PUP.Solimba (M) | 100.00% |
| VIPRE Antivirus | Threat.4782980, Threat.4150696, DownloadMR, Threat.5063304, Threat.4758821 | 40.43% |
| Avira AntiVirus | TR/Dropper.Gen, APPL/Firseria.Gen8, APPL/FirseriaM.A.1, APPL/FirseriaM.A.2, TR/Crypt.XPACK.Gen | 40.43% |
| AVG | Generic, Adware BundleApp_r.AF, Adware BundleApp.GI | 40.43% |
| avast! | Win32:Malware-gen, Win32:Rootkit-gen [Rtk], Win32:Trojan-gen, Win32:PUP-gen [PUP], Win32:Firseria-C [PUP] | 38.30% |
| Sophos | Solimba Installer, PUA 'Solimba Installer' | 38.30% |
| G Data | Win32.Application.Morstar, Application.Bundler.BM, Trojan.Agent.BEOF, Gen:Variant.Application.Bundler.Kazy.132995, Application.Bundler.Firseria | 38.30% |
| Vba32 AntiVirus | Downware.Morstar | 38.30% |
| Dr.Web | Trojan.MulDrop5.34677, Trojan.DownLoader11.24441, Trojan.MulDrop5.34679, Adware.Downware.9416 | 38.30% |
| IKARUS anti.virus | AdWare.Win32.FirseriaInstaller, PUA.MSIL.Solimba, PUA.Optional.Condestil, AdWare.BundleApp, not-a-virus:AdWare.Fiseria | 36.17% |
| Panda Antivirus | Adware/Solimba, Trj/Genetic.gen | 36.17% |
| Malwarebytes | PUP.Optional.Firseria, PUP.Optional.Popeler, PUP.Optional.Condestil, PUP.Optional.Solimba, PUP.Optional.FirseriaInstaller | 36.17% |
| K7 AntiVirus | Unwanted-Program, Trojan | 36.17% |
| ESET NOD32 | MSIL/Solimba.AH potentially unwanted application, Win32/FirseriaInstaller.M potentially unwanted application, Win32/FirseriaInstaller.S potentially unwanted application | 36.17% |
| Comodo Security | Application.Win32.Firseria.MAP, Application.Win32.Solimba.KUY, Application.Win32.Firseria.MAR | 34.04% |

The domain 3.track342ut.com has been seen to resolve to the following 2 IP addresses.

ec2-107-20-149-171.compute-1.amazonaws.com
August 7, 2014

ec2-54-225-148-225.compute-1.amazonaws.com
August 7, 2014

File downloads found at URLs served by 3.track342ut.com.

1 / 68      (Adware)

Latest 30 of 47 download URLs

URL: http://3.track342ut.com/

Network: Amazon Web Services (AWS), running an EC2 instance

Web server: nginx