3dsemulator.org

WhoisGuard, Inc.  (Proxy Registrant)

Domain Information

The domain 3dsemulator.org is registered by proxy through eNom, Inc. This domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are located in Phoenix, Arizona, United States, on the CloudFlare, Inc. network. The domain uses the CloudFlare CDN, a distributed domain name server service that uses a number of reverse proxy IP addresses (see below).
Registrar:
eNom, Inc.

Server location:
Arizona, United States (US)

ASN:
AS13335 CLOUDFLARENET - CloudFlare, Inc.,US

Scanner detections:
Detections  (63% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.SomotoIsrael.AA, PUP.OUTBROWSE.V, PUP.installCore (M), PUP.WebDev.ET (M) | 80.00% |
| McAfee | Artemis!FC038B95CA0C, Artemis!65121F400FF2, Artemis!9A91C8CDFAC8 | 60.00% |
| Trend Micro House Call | TROJ_GEN.F47V0512, Suspicious_GEN.F47V0810, Suspicious_GEN.F47V0824 | 60.00% |
| McAfee Web Gateway | Artemis!FC038B95CA0C, Heuristic.BehavesLike.Win32.Suspicious-PKR.S, Artemis!9A91C8CDFAC8 | 60.00% |
| ESET NOD32 | Win32/Somoto, Win32/OutBrowse.AK | 60.00% |
| Malwarebytes | PUP.Optional.Somoto, PUP.Optional.OutBrowse | 40.00% |
| K7 Gateway Antivirus | Unwanted-Program | 40.00% |
| K7 AntiVirus | Unwanted-Program | 40.00% |
| NANO AntiVirus | Trojan.Nsis.Mazel.cwhyud, Riskware.Nsis.Downware.degzrz | 40.00% |
| Dr.Web | Trojan.MulDrop4.11744, Adware.Downware.2081 | 40.00% |
| VIPRE Antivirus | Trojan.Win32.Generic, OutBrowse | 40.00% |
| Sophos | Somoto BetterInstaller, OutBrowse Revenyou | 40.00% |
| Antiy Labs AVL | Riskware[:not-a-virus]/Win32.Mazel.a, Riskware[:not-a-virus]/Win32.OutBrowse.g | 40.00% |
| AVG | Downloader, Generic | 40.00% |
| Panda Antivirus | PUP/MultiToolbar.A, Trj/Chgt.D | 40.00% |

The domain 3dsemulator.org has been seen to resolve to the following 4 IP addresses.

December 2, 2014

December 2, 2014

(CloudFlare)
May 28, 2014

(CloudFlare)
May 28, 2014

File downloads found at URLs served by 3dsemulator.org.

7 / 68      (Malware)

2 / 68      (PUP)
http://3dsemulator.org/Citra_Setup.exe  (9030cf6f5ca9d79a4803362cb94e539b)

0 / 68
http://3dsemulator.org/Citra_Setup.exe  (5184ce1e8ff39e6519ca4acadaecf357)

1 / 68      (PUP)

20 / 68    (Adware)
http://3dsemulator.org/eMu3Ds_BIOS_Installer.exe  (9a91c8cdfac8ff3bef9a99ffd295ee53)

20 / 68    (Adware)
http://3dsemulator.org/.../eMu3Ds_downloader-5w7Z6LWn.exe  (fc038b95ca0c8647b0fa54329824f3bc)

URL:
http://3dsemulator.org/

Google Analytics:
UA-42593540

Title:
“3DS Emulator - Play 3DS Games on Your PC”

Description:
“3DS Emulator New version updated! 0.9.5.2 released - 3DS Emulator 0.9.5.2 Update Released! - Doesn't freeze anymore when you try to save - Slight increase of fps - Few minor bugs fixed”

SSL certificate subject:
CN=sni51483.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
cloudflare-nginx

Facebook:
Likes:  219,920
Shares:  5,987
Comments:  28,628

Statistics above are for the previous month of September 2017.