home

cloudapp4u.com

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain cloudapp4u.com is registered by proxy through ENOM, INC. and was originally registered in July of 2012. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Overland Park, Kansas within the United States which resides on the Codero network.
Registrar:
ENOM, INC.

Server location:
Kansas, United States (US)

Create date:
Thursday, July 19, 2012

Expires date:
Tuesday, July 19, 2016

Updated date:
Wednesday, June 24, 2015

ASN:
AS10316 CODERO-AS - Codero

Whois:
2 cloudapp4u.com records

Scanner detections:
Detections  (89% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.InstallX.Bundle, PUP.MaxSetup.O, PUP.Installer.InstallX.T, PUP.Installer.InstallX.W, PUP.Installer.InstallX.X, PUP.InstallX.Installer (M), PUP.installCore.ISfreemi (M)
88.89%

Malwarebytes
PUP.Optional.InstallCore, PUP.Optional.InstallIQ, PUP.Optional.InstallIQ.A
55.56%

VIPRE Antivirus
InstallCore.b, InstallIQ Installer
55.56%

ESET NOD32
Win32/InstallCore.LB (variant), Win32/InstallIQ (variant)
55.56%

Sophos
Install Core Click run software, InstallQ
44.44%

Dr.Web
Trojan.Packed.24524, Adware.Downware.1426, Adware.W3i.32
33.33%

Avira AntiVirus
ADWARE/InstallCore.Gen7, Adware/InstallIQ.AH.1, APPL/InstallIQ.Gen5
33.33%

AVG
MalSign.InstallC, AdInstaller.InstallQ, InstallIQ.W
33.33%

IKARUS anti.virus
AdWare.InstallIQ, APPL
33.33%

Trend Micro House Call
TROJ_GEN.F47V0817, Suspicious_GEN.F47V1106, TROJ_GEN.F47V0808
33.33%

McAfee
Artemis!16D1ADE77654, Artemis!F72693DF33E0
22.22%

Comodo Security
Application.Win32.InstallIQ.~S, Application.Win32.InstallIQ.B
22.22%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A
11.11%

F-Secure
Application:W32/Generic.70053c248f!Online
11.11%

Bkav FE
W32.Clod966.Trojan
11.11%

The domain cloudapp4u.com has been seen to resolve to the following 3 IP addresses.

67.225.221.139
February 6, 2016

192.95.36.78
April 14, 2014

64.150.190.174
64-150-190-174.dedicated.codero.net
February 7, 2014

File downloads found at URLs served by cloudapp4u.com.

1 / 68      (Adware)
http://cloudapp4u.com/.../download-candy-crush  (candyinstaller.exe)

2 / 68      (PUP)
http://cloudapp4u.com/games/candy-crush-saga/.../  (7z920.exe)

12 / 68    (Adware)
http://cloudapp4u.com/.../program-starter/s1/.../  (programstarter_1455.exe)

16 / 68    (Adware)
http://cloudapp4u.com/.../program-starter/.../  (programstarter_d3371799.exe)

6 / 68      (Adware)
http://cloudapp4u.com/freecandy/.../download/  (programstarter_1455.exe)

1 / 68      (Adware)
http://cloudapp4u.com/games/candy-crush-saga/.../download/  (programstarter_339.exe)

5 / 68      (Adware)
http://cloudapp4u.com/games/candy-crush-saga/.../download/  (programstarter_339.exe)

9 / 68      (Adware)
http://cloudapp4u.com/freecandy/.../CandyInstaller.exe  (8928f998e616583f50f7c84d34236d9c)

2 / 68      (false positives)
http://cloudapp4u.com/games/street-cleaning-simulator/.../  (wrar420.exe)

2 / 68      (false positives)
http://cloudapp4u.com/.../program-starter/.../  (wrar420.exe)

URL:
http://cloudapp4u.com/

Title:
“FreeApps Download, Free Windows, iPhone & iPad, Android Apps Download. | Cloudapp4u.com”

Description:
“Get the best free Android,iPhone & iPad,Windows apps on FreeNew.Top Mobile and PC apps download referral site.”

Web server:
Apache (PleskLin)

softdownload1.com

softdownload3.com

softdownload4.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.