chinese.trailsframework.org

Vittalia Internet SL

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are located in Belfast, Northern Ireland, United Kingdom, on the RIPE Network Coordination Centre network.
Registrar:
Soluciones Corporativas IP, SLU (R1795-LROR)

Server location:
Northern Ireland, United Kingdom (GB)

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.FormulaEFTEuropaSL.?, PUP.FormulaEFTEuropaSL.k, PUP.FormulaEFTEuropaSL.a, PUP.FreeSoftware.G, PUP.VittaliaInternetSL.m, Threat.Tightrope.Bundler, PUP.Vittalia.Bundler (M), PUP.OnekitInternet.Bundler (M), PUP.installCore.FreeSoft (M), PUP.Tightrope (M), PUP.Outbrowse (M)
100.00%

Malwarebytes
PUP.Optional.Vittalia, PUP.Optional.Europa, PUP.Optional.DownloadAdmin
35.71%

Agnitum Outpost
Riskware.Agent
28.57%

Avira AntiVirus
APPL/Downloader.Gen, APPL/Downloader.Gen8, ADWARE/Adware.Gen
28.57%

AVG
Generic_r
28.57%

Dr.Web
Trojan.DownLoader10.36044, Trojan.FakeAV.17377, Adware.Downware.2220
21.43%

VIPRE Antivirus
Vittalia Installer, Threat.4783369
21.43%

avast!
Win32:Rootkit-gen [Rtk], Win32:Adware-CIX [PUP]
21.43%

ESET NOD32
probably Win32/Vittalia.R potentially unwanted application, Win32/DownloadAdmin.H potentially unwanted application
21.43%

Comodo Security
TrojWare.Win32.Agent.IEXT, Application.Win32.DownloadAdmin.ANGL
21.43%

McAfee Web Gateway
BehavesLike.Win32.CryptDoma.jh, BehavesLike.Win32.Downloader.cc
21.43%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h, Downloader.Agent
21.43%

herdProtect (fuzzy)
a variant of f2c7bbc8d9b9b41fd43eaa2fb65117b4037b0ceb, a variant of 628ee66d6eb95604408721fd34f48bd5bbac403c
21.43%

Antiy Labs AVL
Trojan/Win32.TSGeneric
21.43%

NANO AntiVirus
Trojan.Win32.Generic.cspepc, Riskware.Win32.Downware.djahkt
14.29%

The domain chinese.trailsframework.org has been seen to resolve to the following 3 IP addresses.

unallocated.barefruit.co.uk
May 7, 2015

August 17, 2014

ec2-54-248-149-65.ap-northeast-1.compute.amazonaws.com
March 3, 2014

File downloads found at URLs served by chinese.trailsframework.org.

1 / 68      (Adware)
http://chinese.trailsframework.org/lv/software/.../kl652639.htm  (installer_epson_stylus_tx120_driver_v5_3_chinese.exe)

1 / 68      (Adware)
http://chinese.trailsframework.org/lv/software/.../kl671364.htm  (installer_microsoft_powerpoint_viewer_2007_2007_traditional_chinese.exe)

1 / 68      (Adware)
http://chinese.trailsframework.org/lv/software/.../kl671354.htm  (installer_guitar_pro_6_1_2_r11038_chinese.exe)

1 / 68      (Adware)
http://chinese.trailsframework.org/lv/software/.../kl663048.htm  (installer_powerdvd_11_0_1719_67_chinese.exe)

1 / 68      (Adware)
http://chinese.trailsframework.org/lv/software/.../kl663048.htm  (installer_powerdvd_11_0_1719_67_chinese.exe)

1 / 68      (Adware)

1 / 68      (Adware)
http://chinese.trailsframework.org/lv/software/.../kl663048.htm  (installer_powerdvd_11_0_1719_67_chinese.exe)

30 / 68    (Adware)
http://chinese.trailsframework.org/lv/software/.../kl677095.htm  (installer_sony_vegas_pro_13_chinese.exe)

1 / 68      (Adware)
http://chinese.trailsframework.org/lv/software/.../kl32187.htm  (installer_driver_canon_lbp-1210_1_10_chinese.exe)

5 / 68      (Adware)
http://chinese.trailsframework.org/lv/software/.../kl671486.htm  (4edd9a09d177c1b51a18d354803a6bcc.exe)

11 / 68    (Adware)
http://chinese.trailsframework.org/lv/software/.../kl674414.htm  (installer_youtube_downloader_4_7_2_chinese.exe)

1 / 68      (Adware)
http://chinese.trailsframework.org/lv/software/.../kl91252.htm  (installer_microsoft_office_word_viewer_2007_traditional_chinese.exe)

The following 230 files have been seen to communicate with chinese.trailsframework.org in live environments.


URL:
http://chinese.trailsframework.org/

Google Analytics:
UA-23547102

Title:
“Windows programs”

Web server:
nginx/1.0.15

Facebook:
Shares:  2

Statistics are for the previous month.