50ftwares.com

REACTIVATION PERIOD

Domain Information

The domain 50ftwares.com registered by REACTIVATION PERIOD was initially registered in February of 2013 through ENOM, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dublin, Dublin City within Ireland which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the EU (Ireland) region datacenter.
Registrar:
ENOM, INC.

Server location:
Dublin City, Ireland (IE)

Create date:
Thursday, February 21, 2013

Expires date:
Sunday, February 21, 2016

Updated date:
Sunday, April 03, 2016

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.

Scanner detections:
Detections  (83% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.IronInstall.J, PUP.ISfreemium.c, PUP.installCore.IronInst (M), PUP.InstallCore.ENG (M), PUP.installCore.ISfreemi (M), PUP.installCore (M)
85.71%

Dr.Web
Adware.InstallCore.101, Adware.InstallCore.124, Adware.InstallCore.101, Adware.InstallCore.122
42.86%

F-Prot
W32/InstallCore.R4.gen, W32/Backdoor2.HRPX, W32/InstallCore.R.gen
38.10%

avast!
Win32:Installer-I [PUP]
33.33%

VIPRE Antivirus
InstallCore, Threat.4786018, Threat.4150696, InstallCore.b
33.33%

ESET NOD32
Win32/Kryptik.BWJC trojan, Win32/InstallCore.BU potentially unwanted application, Win32/InstallCore.BH potentially unwanted application
28.57%

Trend Micro House Call
TROJ_GEN.F47V0708, TROJ_GEN.F47V0813, TROJ_GEN.F47V0327, TROJ_GEN.F47V0305
19.05%

ESET NOD32
Win32/InstallCore.BY (variant), Win32/InstallCore.CF (variant), Win32/InstallCore.BH (variant)
19.05%

Avira AntiVirus
ADWARE/InstallCore.Gen7
14.29%

K7 AntiVirus
Backdoor, Unwanted-Program
14.29%

Sophos
PUA 'Install Core Click run software'
14.29%

McAfee
Artemis!298F2E7D015B, Artemis!050A804AA74F
9.52%

McAfee Web Gateway
Artemis!298F2E7D015B, Artemis!050A804AA74F
9.52%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud)
9.52%

Comodo Security
ApplicUnwnt
9.52%

The domain 50ftwares.com has been seen to resolve to the following 6 IP addresses.

July 14, 2016

July 8, 2016

ec2-54-72-9-51.eu-west-1.compute.amazonaws.com
May 19, 2016

May 17, 2016

February 29, 2016

July 26, 2013

File downloads found at URLs served by 50ftwares.com.

1 / 68      (Adware)

4 / 68      (Adware)
http://50ftwares.com/.../25864  (forgot administrator password.exe)

4 / 68      (Adware)
http://50ftwares.com/.../21512  (reset password vista.exe)

1 / 68      (Adware)

1 / 68      (Adware)
http://50ftwares.com/.../82994  (subway surfers pc.exe)

1 / 68      (Adware)
http://50ftwares.com/.../2644  (dictionary.exe)

1 / 68
http://50ftwares.com/.../23314  (pdf to jpg converter.exe)

1 / 68      (Adware)
http://50ftwares.com/.../60780  (ben 10 moto ride.exe)

1 / 68      (Adware)
http://50ftwares.com/.../34373  (free photo editor.exe)

5 / 68      (Adware)

1 / 68      (Adware)
http://50ftwares.com/.../24332  (flash media player.exe)

8 / 68      (PUP)
http://50ftwares.com/.../54595  (android apps.exe)

5 / 68      (PUP)
http://50ftwares.com/.../89179  (windows media player.exe)

0 / 68
http://50ftwares.com/.../202538  (the beginners guide to minecraft minecrafter secrets.exe)

7 / 68      (Adware)
http://50ftwares.com/.../1958  (video download toolbar.exe)

0 / 68
http://50ftwares.com/.../89107  (avira free antivirus 2013.exe)

1 / 68      (Adware)
http://50ftwares.com/.../89107  (sony ericsson pc suite.exe)

9 / 68      (Adware)

1 / 68      (Adware)
http://50ftwares.com/.../9204  (web browser firefox.exe)

7 / 68      (PUP)

0 / 68

8 / 68      (PUP)
http://50ftwares.com/.../17541  (pdf reader.exe)

15 / 68    (Adware)
http://50ftwares.com/.../28021  (free anti virus software downloads.exe)

9 / 68      (Adware)

The following 215 files have been seen to comunicate with 50ftwares.com in live environments.

TCP » 54.72.9.51:80

 
Latest 20 of 219 files

Facebook:
Likes:  2
Shares:  4
Comments:  10

Statistics above are for the previous month of July 2017.