bitberry.cachefly.net

CacheNetworks, LLC

Domain Information

The domain bitberry.cachefly.net, registered by CacheNetworks, LLC, was first registered in February of 2005 through TUCOWS DOMAINS INC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Chicago, Illinois, in the United States.
Registrar:
TUCOWS DOMAINS INC.

Server location:
Illinois, United States (US)

Create date:
Thursday, February 24, 2005

Expires date:
Friday, February 24, 2017

Updated date:
Tuesday, February 23, 2016

ASN:
AS30081 CACHENETWORKS - CacheNetworks, Inc.

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.Installer.Z, PUP.Installer.W3i.V, Adware.Installer.BitberrySoftware.AA, PUP.Optional.BitberrySoftware.M, PUP.Optional.Installer.AA, PUP.Optional.Installer.c, PUP.Optional.Installer.O, PUP.Installer.InstallX, PUP.InstallX.W3i.Installer (M), Win32.Generic
100.00%

ESET NOD32
Win32/InstallIQ (variant), Win32/InstallCore.CU (variant), Win32/InstallCore.JE.gen (variant), Win32/InstallCore.MC, Win32/InstallCore.PO (variant)
66.67%

Dr.Web
Adware.W3i.32, Adware.InstallCore.133, Trojan.Packed.2782, Trojan.MulDrop5.10078, Trojan.MulDrop5.34526, Trojan.MulDrop5.40210
53.33%

McAfee Web Gateway
Artemis!370EA922FC3E, Artemis!1886DA81FC11, Artemis!D4D78627FFBB, Artemis!E88AA19D5C33, Artemis!FBC6B9D2B10A, Artemis!79F04ACA3070
53.33%

VIPRE Antivirus
InstallIQ Installer, InstallCore.b, Adware.Win32.InstallCore.ba, Trojan.Win32.Generic, Threat.4150696
50.00%

McAfee
Artemis!370EA922FC3E, Artemis!1886DA81FC11, Artemis!D4D78627FFBB, Artemis!E88AA19D5C33, Artemis!FBC6B9D2B10A, Artemis!79F04ACA3070, Artemis!1A0F2CF45A73, Artemis!9736DA48565C, Artemis!E8E6486CBA16, Artemis!F3429B6E7242, Virus.W32/Sality.gen.z, Artemis!89465B284CA0
50.00%

Avira AntiVirus
APPL/InstallIQ.Gen5, ADWARE/InstallCore.Gen9, Adware/InstallCore.A.1448, ADWARE/InstallCore.Gen4, Adware/InstallCore.798016
46.67%

Sophos
Install Core, Install Core Click run software
46.67%

K7 AntiVirus
Unwanted-Program, Trojan
43.33%

K7 Gateway Antivirus
Unwanted-Program, Trojan
40.00%

Trend Micro House Call
TROJ_GEN.F47V1122, TROJ_GEN.F47V0122, TROJ_GEN.F47V0319, TROJ_GEN.F47V0601, Suspicious_GEN.F47V0719, TROJ_FAKEAV.BMC, Suspicious_GEN.F47V0113
40.00%

Malwarebytes
PUP.Optional.InstallIQ.A, PUP.Optional.InstallCore, PUP.Optional.Bitberry
33.33%

Baidu Antivirus
Trojan.Win32.InstallIQ, Trojan.Win32.Agent, Adware.Win32.InstallCore
33.33%

Fortinet FortiGate
Riskware/InstallCore, Riskware/FileTypeAssistant
30.00%

Rising Antivirus
PE:PUF.InstallIQ!1.9E4F, PE:Malware.XPACK-LNR/Heur!1.5594
23.33%

The domain bitberry.cachefly.net has been seen to resolve to the following IP address.

vip1.g.cachefly.net
December 26, 2013

File downloads found at URLs served by bitberry.cachefly.net.


The following 197 files have been seen to communicate with bitberry.cachefly.net in live environments.

 
Latest 20 of 267 files

URL:
http://bitberry.cachefly.net/

SSL certificate subject:
CN=*.cachefly.net, O=CacheNetworks LLC, L=Chicago, S=Illinois, C=US

SSL certificate issuer:
CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Web server:
CFS 0213