cdn1.bitberrydownload1.com

BITBERRY SOFTWARE APS

Domain Information

The domain cdn1.bitberrydownload1.com, registered by BITBERRY SOFTWARE APS, was first registered in March of 2011 through ENOM, INC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Chicago, Illinois, in the United States.
Registrar:
ENOM, INC.

Server location:
Illinois, United States (US)

Create date:
Wednesday, March 16, 2011

Expires date:
Thursday, March 16, 2017

Updated date:
Friday, October 18, 2013

ASN:
AS30081 CACHENETWORKS - CacheNetworks, Inc.

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.BitberrySoftware.N, PUP.BitberrySoftware.M, PUP.Installer.BitberrySoftware.FF, PUP.Installer.InstallX.Z, PUP.Optional.BitberrySoftware.L, PUP.Installer.BitberrySoftware.W, PUP.Optional.Bitberry.Installer.Meta (L), PUP.Systweak.ThePhone.Installer.Meta (L), PUP.InstallX.W3i.Installer (M), Threat.Win.Reputation.IMP
95.56%

ESET NOD32
Win32/InstallCore.CU (variant), Win32/InstallIQ (variant), Win32/InstallCore.JE.gen (variant), Win32/FileTypeAssistant (variant)
77.78%

Dr.Web
Adware.InstallCore.133, Adware.W3i.32, Trojan.Packed.2782, Trojan.MulDrop5.10078, Adware.W3i.25, Adware.W3i.9, Adware.W3i.21
75.56%

Trend Micro House Call
TROJ_GEN.F47V1122, TROJ_GEN.F47V0917, TROJ_GEN.F47V0727, TROJ_GEN.F47V0122, TROJ_GEN.F47V0726, TROJ_GEN.F47V0301, TROJ_GEN.F47V0129, TROJ_GEN.F47V1006, TROJ_GEN.RCEH1GA, Suspicious_GEN.F47V0719, TROJ_GEN.F47V1007
71.11%

VIPRE Antivirus
InstallCore.b, InstallIQ Installer, Adware.Win32.InstallCore.ba, Trojan.Win32.Generic, Threat.4150696
71.11%

Sophos
Install Core, InstallQ, Install Core Click run software
66.67%

McAfee
Artemis!370EA922FC3E, Artemis!F72A5777498B, Artemis!01D43CE950BA, Artemis!1886DA81FC11, Artemis!2DBA2BE5BD21, Artemis!F379B3F7E536, Artemis!09E3CF9AC652, Artemis!CE96C348132A, Artemis!6588348A2A28, Artemis!245FB86D2790, Artemis!C0DB0AE8CEB7, Artemis!CA860E6B4B89
64.44%

Malwarebytes
PUP.Optional.InstallCore, PUP.Optional.InstallIQ, PUP.Optional.Bitberry, PUP.Optional.InstallIQ.A
64.44%

Avira AntiVirus
Adware/InstallIQ.B.5, Adware/InstallIQ.Z, APPL/InstallIQ.Gen5, Adware/InstallCore.A.1448, PUA/InstallIQ.Gen5
64.44%

McAfee Web Gateway
Artemis!370EA922FC3E, Artemis!F72A5777498B, Artemis!01D43CE950BA, Artemis!1886DA81FC11, Artemis!2DBA2BE5BD21, Artemis!F379B3F7E536
62.22%

K7 AntiVirus
Unwanted-Program, Riskware, Trojan
60.00%

K7 Gateway Antivirus
Unwanted-Program, Riskware, Trojan
60.00%

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594, PE:PUF.InstallIQ!1.9E4F
51.11%

Comodo Security
Application.Win32.InstallIQ.B, UnclassifiedMalware, ApplicUnwnt, Application.Win32.InstallIQ.NTZK
51.11%

Fortinet FortiGate
Adware/Fam.NB, Riskware/InstallCore_JE, Adware/InstallIQ
48.89%

The domain cdn1.bitberrydownload1.com has been seen to resolve to the following IP address.

vip1.g.cachefly.net
February 2, 2014

File downloads found at URLs served by cdn1.bitberrydownload1.com.

1 / 68      (PUP)
http://cdn1.bitberrydownload1.com/.../k9pcfsetup_2680.exe  (4647cf365b75257a2f8438e2cade937b)

Latest 30 of 45 download URLs

The following 197 files have been seen to communicate with cdn1.bitberrydownload1.com in live environments.

 
Latest 20 of 267 files

URL:
http://cdn1.bitberrydownload1.com/

Web server:
CFS 0213

Compete.com:
US visitors:  165

Statistics are for the previous month.