cdn.file2desktop.com

OutBrowse LTD

Domain Information

The domain cdn.file2desktop.com registered by OutBrowse LTD was initially registered in July of 2013 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Sherman Oaks, California within the United States which resides on the Unitas Global LLC network.
Registrar:
GODADDY.COM, LLC

Server location:
California, United States (US)

Create date:
Monday, July 15, 2013

Expires date:
Friday, July 15, 2016

Updated date:
Thursday, July 16, 2015

ASN:
AS4436 AS-NLAYER - nLayer Communications, Inc.

Root domain:

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (94% detected)

Scan engine
Details
Detections

Dr.Web
Adware.Babylon.9, Adware.Conduit.6, Adware.Conduit.21, Adware.Downware.1664, Adware.Downware.1353, Adware.Downware.1676
60.00%

Baidu Antivirus
Adware.Win32.Toolbar, Trojan.Win32.OutBrowse, Adware.Win32.OutBrowse, PUA.Win32.OutBrowse, Trojan.Win32.StartPage, Trojan.Win32.Inject
57.14%

NANO AntiVirus
Trojan.Win32.Babylon.cbibuv, Trojan.Win32.Conduit.cnlzzm, Trojan.Win32.OutBrowse.crkqqe, Trojan.Win32.Babylon.cezitv, Trojan.Win32.Babylon.cdsyuj, Trojan.Win32.Generic.dbxkzp
54.29%

Kaspersky
not-a-virus:WebToolbar.Win32.Toolbar, not-a-virus:Downloader.NSIS.OutBrowse, not-a-virus:AdWare.Win32.OutBrowse, Trojan.Win32.StartPage, not-a-virus:AdWare.MSIL.OutBrowse
54.29%

ESET NOD32
Win32/Toolbar.Babylon, Win32/Toolbar.Conduit, Win32/OutBrowse (variant), Win32/Toolbar.Babylon (variant), Win32/OutBrowse.AI (variant), NSIS/Adware.Agent
54.29%

Malwarebytes
PUP.Optional.Babylon.A, PUP.Optional.Conduit.A, PUP.Optional.Smart, PUP.Optional.RegCleanerPro, PUP.Optional.MixiToolBar.A, PUP.Optional.ShoppingHelper.A, PUP.Optional.OutBrowse, PUP.Optional.SavePass.A
51.43%

Trend Micro House Call
TROJ_GEN.R047H01H613, TROJ_GEN.R047H07KK13, TROJ_GEN.F47V1130, TROJ_GEN.F47V1126, TROJ_GEN.F47V1125, TROJ_GEN.F47V0904, TROJ_GEN.R0CBH07L713
51.43%

Kingsoft AntiVirus
Win32.Troj.Toolbar.x.(kcloud), VIRUS_UNKNOWN, Win32.Troj.Generic.a.(kcloud), Win32.Troj.OutBrowse.k.(kcloud)
51.43%

Vba32 AntiVirus
Downloader.OutBrowse, suspected of Trojan.Downloader.gen.h
45.71%

McAfee
Artemis!465016474C41, Artemis!C3015E208473, Artemis!A88B3E7D5F44, Artemis!3084E250299E, Artemis!4DCFD1CAEFCC, Artemis!15B8E8574376, Artemis!B2EFAB53D4F0, Trojan.Artemis!5C8DD4561380
42.86%

McAfee Web Gateway
Heuristic.BehavesLike.Win32.Suspicious-PKR.G, Artemis!C3015E208473, Artemis!A88B3E7D5F44, Artemis!3084E250299E, Artemis!15B8E8574376, BehavesLike.Win32.Dropper.qh
40.00%

Fortinet FortiGate
Riskware/Toolbar, Riskware/NSIS_OutBrowse, Riskware/OutBrowse, W32/Dloader.X!tr
37.14%

VIPRE Antivirus
Conduit, OutBrowse, Trojan.Win32.Generic, Wajam, Threat.4823950
37.14%

Reason Heuristics
Unnamed.Threat.15, PUP.OutBrowse.H, PUP.OutBrowse.E, PUP.OutBrowse.I, PUP.OutBrowse.J, PUP.OutBrowse.F, (M), PUP.Wajam.G, PUP.ShoppingHelper.SHelp2.Installer.Meta (M)
37.14%

K7 Gateway Antivirus
Trojan , Riskware , Unwanted-Program , Adware
34.29%

The domain cdn.file2desktop.com has been seen to resolve to the following 4 IP addresses.

226-124-232-198.static.unitasglobal.net
September 15, 2014

228-124-232-198.static.unitasglobal.net
April 14, 2014

224-124-232-198.static.unitasglobal.net
February 15, 2014

December 22, 2013

File downloads found at URLs served by cdn.file2desktop.com.

0 / 68
http://cdn.file2desktop.com/.../wavtomp3_setup.exe  (013a84c7ce8fb28e7d451fb59de7f5b8)

3 / 68      (PUP)
http://cdn.file2desktop.com/.../ShoppinHelper2_Setup2.exe  (6d43788c1dc99f6ee108eac0acf92721)

18 / 68    (Adware)

8 / 68      (PUP)
http://cdn.file2desktop.com/.../YouTubeAccelerator2-7.exe  (9b73316776cc645fe2d8e9b64b4061d1)

6 / 68      (PUP)

12 / 68    (PUP)
http://cdn.file2desktop.com/.../Boxore20150812.exe  (e59ea3764cebbcd649ec8ef479c6c03e)

15 / 68    (PUP)
http://cdn.file2desktop.com/.../SearchProtectINTSetup.exe  (465016474c413bd4126561b111a3d0e1)

21 / 68    (PUP)
http://cdn.file2desktop.com/.../MixiYD.exe  (4dcfd1caefcc51e8586ec7ed340625d6)

13 / 68    (PUP)
http://cdn.file2desktop.com/.../MixiYD2.exe  (725537d18ef9c12e4f0b91d0168d4750)

6 / 68      (PUP)

1 / 68      (PUP)
http://cdn.file2desktop.com/.../ShoppinHelper2_2011.exe  (f0e408d7714e37084bfe2cafd992e7e2)

18 / 68    (Adware)

4 / 68      (Malware)
http://cdn.file2desktop.com/.../VuuPC2_Installer.exe  (e25faea98d7d7d13a24279e5d6d1d5c1)

18 / 68    (PUP)

5 / 68      (PUP)
http://cdn.file2desktop.com/.../Shopop2_20140805.exe  (29e51e39bcc70a616e0f940013078793)

11 / 68    (PUP)
http://cdn.file2desktop.com/.../MixiYD4.exe  (5cb31c0bb00c6c6dc4dbfb13a311a777)

9 / 68      (PUP)
http://cdn.file2desktop.com/.../WebsSearches_Installer.exe  (webssearches_installer_20140723.exe)

6 / 68      (PUP)

15 / 68    (PUP)

4 / 68      (PUP)
http://cdn.file2desktop.com/.../Moozy.exe  (05753f056fada195a0c3b967699d308f)

2 / 68      (PUP)

7 / 68      (PUP)
http://cdn.file2desktop.com/.../RegCleanSetup10.exe  (68a0d1520196a0ab90932cce8e893580)

8 / 68      (PUP)

7 / 68      (PUP)

5 / 68      (PUP)
http://cdn.file2desktop.com/.../AmazingTab20151027.exe  (4e3696750d89d78cc7590630ce1f3d2b)

6 / 68      (PUP)
http://cdn.file2desktop.com/.../SearchProtectIM_Setup.exe  (01a0350a6d6e1ec5870e3c85fe4b1978)

3 / 68      (inconclusive)

15 / 68    (PUP)

 
Latest 30 of 38 download URLs

The following 26 files have been seen to comunicate with cdn.file2desktop.com in live environments.

 
Latest 20 of 29 files

URL:
http://cdn.file2desktop.com/

Web server:
NetDNA-cache/2.2