home

50ftwares.com

REACTIVATION PERIOD

Domain Information

The domain 50ftwares.com registered by REACTIVATION PERIOD was initially registered in February of 2013 through ENOM, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dublin, Dublin City within Ireland which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the EU (Ireland) region datacenter.
Registrar:
ENOM, INC.

Server location:
Dublin City, Ireland (IE)

Create date:
Thursday, February 21, 2013

Expires date:
Sunday, February 21, 2016

Updated date:
Sunday, April 3, 2016

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.

Whois:
4 50ftwares.com records

Scanner detections:
Detections  (83% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.IronInstall.J, PUP.ISfreemium.c, PUP.installCore.IronInst (M), PUP.InstallCore.ENG (M), PUP.installCore.ISfreemi (M), PUP.installCore (M)
85.71%

Dr.Web
Adware.InstallCore.101, Adware.InstallCore.124, Adware.InstallCore.101, Adware.InstallCore.122
42.86%

F-Prot
W32/InstallCore.R4.gen, W32/Backdoor2.HRPX, W32/InstallCore.R.gen
38.10%

avast!
Win32:Installer-I [PUP]
33.33%

VIPRE Antivirus
InstallCore, Threat.4786018, Threat.4150696, InstallCore.b
33.33%

ESET NOD32
Win32/Kryptik.BWJC trojan, Win32/InstallCore.BU potentially unwanted application, Win32/InstallCore.BH potentially unwanted application
28.57%

Trend Micro House Call
TROJ_GEN.F47V0708, TROJ_GEN.F47V0813, TROJ_GEN.F47V0327, TROJ_GEN.F47V0305
19.05%

ESET NOD32
Win32/InstallCore.BY (variant), Win32/InstallCore.CF (variant), Win32/InstallCore.BH (variant)
19.05%

Avira AntiVirus
ADWARE/InstallCore.Gen7
14.29%

K7 AntiVirus
Backdoor, Unwanted-Program
14.29%

Sophos
PUA 'Install Core Click run software'
14.29%

McAfee
Artemis!298F2E7D015B, Artemis!050A804AA74F
9.52%

Comodo Security
ApplicUnwnt
9.52%

Emsisoft Anti-Malware
Gen:Variant.Strictor.103267
9.52%

Norman
Gen:Variant.Strictor.103267
9.52%

The domain 50ftwares.com has been seen to resolve to the following 6 IP addresses.

185.53.178.22
July 14, 2016

185.53.177.6
July 8, 2016

54.72.9.51
ec2-54-72-9-51.eu-west-1.compute.amazonaws.com
May 19, 2016

185.53.177.10
May 17, 2016

98.124.243.47
February 29, 2016

64.79.83.254
July 26, 2013

File downloads found at URLs served by 50ftwares.com.

1 / 68      (Adware)
http://50ftwares.com/.../9203  (firefox.exe)

4 / 68      (Adware)
http://50ftwares.com/.../25864  (forgot administrator password.exe)

4 / 68      (Adware)
http://50ftwares.com/.../21512  (reset password vista.exe)

1 / 68      (Adware)
http://50ftwares.com/.../61461  (raft wars.exe)

1 / 68      (Adware)
http://50ftwares.com/.../82994  (subway surfers pc.exe)

1 / 68      (Adware)
http://50ftwares.com/.../2644  (dictionary.exe)

1 / 68
http://50ftwares.com/.../23314  (pdf to jpg converter.exe)

1 / 68      (Adware)
http://50ftwares.com/.../60780  (ben 10 moto ride.exe)

1 / 68      (Adware)
http://50ftwares.com/.../34373  (free photo editor.exe)

5 / 68      (Adware)
http://50ftwares.com/.../76319  (winrar.exe)

1 / 68      (Adware)
http://50ftwares.com/.../24332  (flash media player.exe)

7 / 68      (PUP)
http://50ftwares.com/.../54595  (android apps.exe)

5 / 68      (PUP)
http://50ftwares.com/.../89179  (windows media player.exe)

0 / 68
http://50ftwares.com/.../202538  (the beginners guide to minecraft minecrafter secrets.exe)

7 / 68      (Adware)
http://50ftwares.com/.../1958  (video download toolbar.exe)

0 / 68
http://50ftwares.com/.../89107  (avira free antivirus 2013.exe)

1 / 68      (Adware)
http://50ftwares.com/.../89107  (sony ericsson pc suite.exe)

9 / 68      (Adware)
http://50ftwares.com/.../34328  (hypercam.exe)

1 / 68      (Adware)
http://50ftwares.com/.../9204  (web browser firefox.exe)

7 / 68      (PUP)
http://50ftwares.com/.../76398  (winzip.exe)

0 / 68
http://50ftwares.com/.../76398  (winzip.exe)

7 / 68      (PUP)
http://50ftwares.com/.../17541  (pdf reader.exe)

13 / 68    (Adware)
http://50ftwares.com/.../28021  (free anti virus software downloads.exe)

7 / 68      (Adware)
http://50ftwares.com/.../15076  (downloads.exe)

The following 215 files have been seen to comunicate with 50ftwares.com in live environments.

TCP » 54.72.9.51:80
toolbarupdaterservice.exe

TCP » 54.72.9.51:80
hdnInstaller.exe (hdnInstaller)

TCP » 54.72.9.51:80
onedrvup.exe

TCP » 54.72.9.51:80
hdnInstaller.exe (hdnInstaller)

TCP » 54.72.9.51:80
247843.ftf (Optimizer Pro v3.2 by PC Utilities Software Limited)

TCP » 54.72.9.51:80
1799877.exe

TCP » 54.72.9.51:80
IEError.exe (IEError)

TCP » 54.72.9.51:80
install_flashplayer14x32_x64md_aaa_aih.exe (bon joueur)

TCP » 54.72.9.51:80
optimizerproinstaller.exe (Optimizer Pro v3.2 by PCUtilities Software Limited)

TCP » 54.72.9.51:80
charles.exe (by Apple)

TCP » 54.72.9.51:80
onedrv.exe

TCP » 54.72.9.51:80
IEError.exe (IEError)

TCP » 54.72.9.51:80
updater27793.exe (CouponDropDown Plugin by Innovative Apps)

TCP » 54.72.9.51:80
install_flashplayer16x33_masp_aaa_aih.exe (by Apple)

TCP » 54.72.9.51:80
toolbarupdaterservice.exe

TCP » 54.72.9.51:80
hdnInstaller.exe (hdnInstaller)

TCP » 54.72.9.51:80
g.jpg

TCP » 54.72.9.51:80
smlb.jpg

TCP » 54.72.9.51:80
smlb.jpg

TCP » 54.72.9.51:80
hqghumeaylnlf.exe (Optimizer Pro v3.2 by PC Utilities Software Limited)

 
Latest 20 of 219 files

Facebook:
Likes:  2
Shares:  4
Comments:  10

Statistics above are for the previous month of March 2024.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.