home

cdn2.eastwhitecoal.us

Admonetizer Inc

Domain Information

The domain cdn2.eastwhitecoal.us registered by Admonetizer Inc was initially registered in May of 2013 through GoDaddy.com, Inc.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Macon, Georgia within the United States.
Registrar:
GoDaddy.com, Inc.

Server location:
Georgia, United States (US)

Create date:
Thursday, May 9, 2013

Expires date:
Thursday, May 8, 2014

Updated date:
Friday, August 16, 2013

ASN:
AS20446 HIGHWINDS3 - Highwinds Network Group, Inc.

Root domain:
eastwhitecoal.us

Whois:
1 eastwhitecoal.us record

Scanner detections:
Detections  (79% detected)

Scan engine
Details
Detections

Dr.Web
Adware.Downware.918, Adware.Plugin.11, Adware.Babylon.9, Trojan.DownLoad3.25843, Threat.Undefined
75.00%

VIPRE Antivirus
InstallMonetizer, Yontoo, Threat.4786532
58.33%

Malwarebytes
PUP.Optional.Downware, PUP.Optional.InstallMonetizer.A, PUP.Optional.WebCake.A, PUP.Optional.Babylon.A
50.00%

SUPERAntiSpyware
Heur.Agent/Gen-WhiteBox
41.67%

Trend Micro House Call
TROJ_GEN.R0CBH08I813, TROJ_GEN.R047H01HH13, TROJ_GEN.R047H01H613, TROJ_GEN.F47V0813, TROJ_GEN.R0C1H0AHH13
41.67%

Microsoft Security Essentials
Adware:Win32/WebCake, Threat.Undefined
41.67%

ESET NOD32
Win32/InstallMonetizer.AG potentially unwanted application
41.67%

F-Prot
W32/AdAgent.AI2.gen, W32/AdAgent.AI.gen
33.33%

AVG
AdInject.WebCake, Adware BundleApp.MSC
33.33%

Reason Heuristics
PUP.Installer.WebCake.S, Unnamed.Threat.15, PUP.Installer.DuuquGroupOU.Q, Adware.Bundler (M)
33.33%

ESET NOD32
Win32/InstallMonetizer.AG, Win32/WebCake, Win32/Toolbar.Babylon
25.00%

McAfee
Artemis!110CEEB6B731, Trojan.Artemis!C849699BCA91
16.67%

Bkav FE
W32.Clod300.Trojan, W32.Clod1d1.Trojan
16.67%

Baidu Antivirus
Adware.Win32.WebCake, Adware.Win32.Toolbar
16.67%

K7 AntiVirus
Adware
8.33%

The domain cdn2.eastwhitecoal.us has been seen to resolve to the following IP address.

205.185.216.10
November 16, 2013

File downloads found at URLs served by cdn2.eastwhitecoal.us.

0 / 68
http://cdn2.eastwhitecoal.us/.../FastestChrome_installer_InstallMonetizer8locale=en-US.exe  (24a1b7f97f9715194b1a1bbfcd127191)

5 / 68      (PUP)
http://cdn2.eastwhitecoal.us/nsi/.../AresMod_PL_6541.exe  (im_am_st_pl.exe)

5 / 68      (PUP)
http://cdn2.eastwhitecoal.us/nsi/.../Tiny_download_manager_7956.exe  (c849699bca91a1f44a5d870edf1ca9c9)

12 / 68    (PUP)
http://cdn2.eastwhitecoal.us/.../MixiYD3.exe  (mixiyd2.exe)

5 / 68      (PUP)
http://cdn2.eastwhitecoal.us/nsi/.../Flvto_Downloader_Updates_7559.exe  (32105ac2719436809553023b9c2f683e)

23 / 68    (Adware)
http://cdn2.eastwhitecoal.us/.../Setup-D502DD2B71B5.exe  (fb58ca29357d25ecd447e79f61b03b67)

2 / 68      (Adware)
http://cdn2.eastwhitecoal.us/.../DuuquUpdateSetup.exe  (55f0045d54c3425e96335ebeffa29181)

5 / 68      (PUP)
http://cdn2.eastwhitecoal.us/nsi/.../All_but_babylon_6828.exe  (173956ea2d1682a3f2fe5addbb26fd32)

1 / 68
http://cdn2.eastwhitecoal.us/nsi/.../DNetworkJun2013_7992.exe  (f0b5cab4acd8a11106c1e0c0c2b462df)

6 / 68      (PUP)
http://cdn2.eastwhitecoal.us/nsi/.../InstallMonetizer_Bundle_June_2013_7993.exe  (b717407a9373843bc212d6efcf652432)

5 / 68      (PUP)
http://cdn2.eastwhitecoal.us/nsi/.../tonebytes_4929.exe  (a2326613bc0a87fbc477974718cf9e67)

0 / 68
http://cdn2.eastwhitecoal.us/.../Firefox Setup Stub 23.0.exe  (d2d24fe8e1d9f66e0b93cfec5adb813e)

4 / 68      (PUP)
http://cdn2.eastwhitecoal.us/nsi/.../Double_Router_Detector_7528.exe  (945391ba4062b36aa11654b0e9bf9f1a)

9 / 68      (PUP)
http://cdn2.eastwhitecoal.us/nsi/.../ymdownload_7949.exe  (e44b916f7e3db2fc0e2fe95adc898126)

The following 1901 files have been seen to comunicate with cdn2.eastwhitecoal.us in live environments.

TCP » 205.185.216.10:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 205.185.216.10:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 205.185.216.10:80
ejemidvlf.exe

TCP » 205.185.216.10:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 205.185.216.10:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 205.185.216.10:443
new_chrome.exe (1stBrowser by The 1stBrowser Authors)

TCP » 205.185.216.10:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 205.185.216.10:80
britches.exe (Britches)

TCP » 205.185.216.10:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 205.185.216.10:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 205.185.216.10:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 205.185.216.10:443
britches.exe (Britches)

TCP » 205.185.216.10:80
gestalt.exe (Gestalt)

TCP » 205.185.216.10:443
UCBrowser.exe (by UCWeb)

TCP » 205.185.216.10:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 205.185.216.10:443
seznam.cz.exe

TCP » 205.185.216.10:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 205.185.216.10:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 205.185.216.10:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 205.185.216.10:80
Aurora.exe (Aurora by AuroraBrowser.COM)

 
Latest 20 of 2,012 files

Alexa:
Global rank:  23,786,988
Backlinks:  2

Statistics are for the previous month (Alexa statistics are for entire eastwhitecoal.us).

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.