home

ad-file.com

Realistic Group

Domain Information

The domain ad-file.com registered by Realistic Group was initially registered in November of 2014 through REGTIME LTD.. The hosted servers are located in Roubaix, Nord-Pas-De-Calais within France which resides on the RIPE Network Coordination Centre network.
Registrar:
REGTIME LTD.

Server location:
Nord-Pas-De-Calais, France (FR)

Create date:
Friday, November 7, 2014

Expires date:
Monday, November 7, 2016

Updated date:
Monday, May 25, 2015

ASN:
AS16276 OVH OVH SAS, FR

Whois:
2 ad-file.com records

Google Safe Browsing:
phishing

Scan engine
Details
Detections

MicroWorld eScan
Gen:Variant.Symmi.37096, Trojan.GenericKD.3014353, Trojan.Generic.14673106
21.43%

McAfee
Artemis!D2C210780627, Artemis!5A034A49A715, Artemis!055B3B95BD83
21.43%

Bitdefender
Gen:Variant.Symmi.37096, Trojan.GenericKD.3014353, Trojan.Generic.14673106
21.43%

avast!
Win32:Evo-gen [Susp], Win32:Malware-gen
21.43%

Lavasoft Ad-Aware
Gen:Variant.Symmi.37096, Trojan.GenericKD.3014353, Trojan.Generic.14673106
21.43%

F-Secure
Gen:Variant.Symmi.37096, Trojan.GenericKD.3014353, Trojan.Generic.14673106
21.43%

Emsisoft Anti-Malware
Gen:Variant.Symmi.37096, Trojan.GenericKD.3014353, Trojan.Generic.14673106
21.43%

Arcabit
Trojan.Symmi.D90E8, Trojan.Generic.D2DFED1, Trojan.Generic.DDFE4D2
21.43%

G Data
Gen:Variant.Symmi.37096, Trojan.GenericKD.3014353, Trojan.Generic.14673106
21.43%

AVG
Generic13_c, ILCrypt, Luhe.Fiha.A
21.43%

Qihoo 360 Security
HEUR/QVM19.1.Malware.Gen, Win32/Trojan.eb7, HEUR/QVM03.0.Malware.Gen
21.43%

ESET NOD32
Win32/Packed.Themida suspicious (variant), MSIL/DllInject.AI potentially unsafe (variant)
14.29%

Sophos
Mal/EncPk-DW, Mal/MsilInj-G
14.29%

Avira AntiVirus
TR/Symmi.3067904.1, TR/Dldr.Delphi.Gen4
14.29%

Reason Heuristics
PUP.AnchorFree.Installer.Meta (L), Threat.Win.Reputation.IMP
14.29%

The domain ad-file.com has been seen to resolve to the following 6 IP addresses.

198.251.84.79
July 13, 2016

37.59.33.100
ns3388511.ip-37-59-33.eu
June 8, 2016

163.172.19.203
163-172-19-203.rev.poneytelecom.eu
June 4, 2016

104.27.168.229
February 26, 2016

104.27.169.229
February 26, 2016

89.248.225.50
LXXXIX.CCXLVIII.CCXXV.L.quickline.ru
May 7, 2015

File downloads found at URLs served by ad-file.com.

0 / 68
http://ad-file.com/download/6Jj2fj6yk/.../Unturned_Viper_ESP_Hack.exe.torrent  (7b905d44a15527e3d847fc81ba8401f3)

0 / 68
http://ad-file.com/torrent/.../Install_Xfer_Serum_Update_110b1.exe.torrent  (976b9a36c726886b4f8ff2242c593792)

0 / 68
http://ad-file.com/download/87jCZSnKy/.../RHL 15 v4.0.exe.torrent  (40c54c07278d19b550c29df519c8832d)

0 / 68
http://ad-file.com/download/private/6cLXfDgFn/5bfe44340b423efcb9281028400b6682/.../ddraw.dll  (bef5ab3ceeda29ceb233e2e88d2ccc1f)

11 / 68    (Malware)
http://ad-file.com/download/6zdQFJHBG/.../~McRDipsetMini.exe  (-mcrdipsetmini.exe)

1 / 68
http://ad-file.com/download/6MrsPX8bV/.../807 Network Joystick(4a12k)3.70a.exe  (88f5cc8e8372a5d52a27abf323349eec)

0 / 68
http://ad-file.com/download/8FLghpMCG/.../BT_18.16.1_32_Win7.exe  (1fcfdba84072ee2bfce0ed94e87e6abc)

0 / 68
http://ad-file.com/download/874YZ2wnC/.../VHL15_setup.exe.torrent  (05da9dde44b96af85aa059b12d82b66b)

0 / 68
http://ad-file.com/download/6QrCgcwCB/.../RHL 15 v1.0.exe.torrent  (06dfdb8c12d4dfba19de31e64d14bf28)

0 / 68
http://ad-file.com/download/6BdVD9MR7/.../Hesoolver v2.5.7 English.exe  (725079d9e7e6d4c89c87c473f50ec3b3)

0 / 68
http://ad-file.com/download/6Pn5NxwGL/.../23ebd507aeca5b8eab44824f7147031206e5d3c0/antcrasher037.zip  (35e979dd-d886-c05b-609a-02549f3ce9a6_1d1bb383858b389)

0 / 68
http://ad-file.com/download/6mg4cSFZw/.../868f4da61f015b54a21db07f877e0838e071c88f/RHL 14.exe.torrent  (2938ff7950e5f7ba5f643cb566f8e694)

0 / 68
http://ad-file.com/download/8LW2bvJ2y/.../d6222516ab76089846892cc275c9690accb95f21/RuntimePack.exe  (vcr1.exe)

0 / 68
http://ad-file.com/download/6BdVD9MR7/.../ca11f70bba7ed5b5f56d2b75ac2dbef94c69edf1/Hesoolver v2.5.7 English.exe  (725079d9e7e6d4c89c87c473f50ec3b3)

0 / 68
http://ad-file.com/download/7x6BKpCsk/.../880590001e275ca0959f078ba645e3bf36cab87b/Simple Wall v4.RAR  (5f985f7b2e4d8399916f6124e6281644)

0 / 68
http://ad-file.com/download/77DFKPlVC/.../AntiAFK (1).exe  (36_antiafk.exe)

0 / 68
http://ad-file.com/download/7Qvz4DsmK/.../PremiereRus.exe  (premiere_pro_cs6_0_2_rus_v4.exe)

19 / 68    (Malware)
http://ad-file.com/download/6KmFww8br/.../Pinoyhideout Inject.exe  (055b3b95bd83b865eb13f4dbea600ddd)

0 / 68
http://ad-file.com/torrent/.../MultiPackBase.exe.torrent  (7389a841ce656c68e0fb97176bdc84c7)

0 / 68
http://ad-file.com/download/59190362/.../Auto Clicker - ?????.exe  (autoclicker by dib1500.exe)

1 / 68      (Malware)
http://ad-file.com/download/private/6DYrhb9Vj/465c9ff41ce837b9aaa37466766fc17b/.../DNW.exe  (чистит логи.exe)

0 / 68
http://ad-file.com/download/69gk6GGbg/.../5ce125700a8d2aa18403a58a7489a69c8c9f91c0/HackOP(zoro1021 v1.3).rar  (bfd042123d4ee0974777694ae2340f89)

0 / 68
http://ad-file.com/download/45268696/.../7d1a6ccbe2ed4d5aa5c75b578354c0c3aba92528/msvcr71.dll  (ca2f560921b7b8be1cf555a5a18d54c3)

0 / 68
http://ad-file.com/download/8PmcDmRdR/.../Survival Cheats.exe  (0d89211cb3c4a2792c740fe5c6b0077e)

6 / 68      (Malware)
http://ad-file.com/download/8pjtk8t5k/.../Global Loader ULTRA v4.0.exe  (5a034a49a7153a18309ac33c287a8865)

0 / 68
http://ad-file.com/download/8NhFmHbFL/.../RHL 15 v2.0.exe.torrent  (918c912d11a620824bbce384dfd265d2)

0 / 68
http://ad-file.com/download/7zTK95HWk/.../SM_Fix_Repair.exe.torrent  (22adfe74af05bf3588a0fd8add53d4c5)

1 / 68      (PUP)
http://ad-file.com/download/6V9rWfKRg/.../HSS-4.18.3-install-plain-701-plain.exe  (26a24244990efa9b4a9e69f232920c57)

0 / 68
http://ad-file.com/download/864qycNbg/.../EasyBCD 2.3 Beta - Build 193.exe  (0fe72ca08f42c670c935524727c60cc0)

0 / 68
http://ad-file.com/download/6BdVD9MR7/.../Hesoolver v2.5.7 English.exe  (725079d9e7e6d4c89c87c473f50ec3b3)

 
Latest 30 of 37 download URLs

The following 3 files have been seen to comunicate with ad-file.com in live environments.

TCP » 37.59.33.100:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 89.248.225.50:80
localumscrgqtdc.exe (by Mohamed Big-Boy)

TCP » 89.248.225.50:80
clean.exe (aPrWBvOWzkljpBHN0 by ad7C173YP24RH)

URL:
http://ad-file.com/

Google Analytics:
UA-15644263

Title:
“RGhost — file sharing”

Description:
“Free file hosting without waiting and captcha. Preview for images, media, documents and archives. RGhost — fast and easy file sharing.”

SSL certificate subject:
CN=sni44416.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
cloudflare-nginx

Facebook:
Likes:  183
Shares:  1,104
Comments:  153

Statistics above are for the previous month of March 2024.

ad-file.net

ad-file.ru

rghost.net

rghost.ru

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.