black-files.com

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain black-files.com is registered by proxy through ENOM, INC. and was originally registered in November 2011. This domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are hosted in Roubaix, Nord-Pas-De-Calais, France, on the RIPE Network Coordination Centre network.
Registrar:
ENOM, INC.

Server location:
Nord-Pas-De-Calais, France (FR)

Create date:
Saturday, November 26, 2011

Expires date:
Wednesday, November 26, 2014

Updated date:
Sunday, December 1, 2013

ASN:
AS16276 OVH OVH SAS,FR

Scanner detections:
Detections  (100% detected)

Scan engine              Details                                  Detections
Trend Micro House Call   TROJ_GEN.R0CBH07D714                     100.00%
Kaspersky                not-a-virus:Downloader.NSIS.OutBrowse    100.00%
NANO AntiVirus           Trojan.Win32.Generic.cthmwf              100.00%
Dr.Web                   Adware.Downware.2081                     100.00%
Qihoo 360 Security       Win32/Virus.Downloader.dd3               100.00%

The domain black-files.com has been seen to resolve to the following IP address.

ns3357213.ip-37-187-56.eu
May 24, 2014

File downloads found at URLs served by black-files.com.

5 / 68      (PUP)
http://black-files.com/.../usetup_325.exe  (61f164622b447b65b3888dec435eb1f0)

The following files have been seen to communicate with black-files.com in live environments.

URL:
http://black-files.com/

Web server:
Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_perl/2.0.6 Perl/v5.10.1