dde.de.drive-files-b.com

Perion Network Ltd.

Domain Information

The domain dde.de.drive-files-b.com registered by Client Connect Ltd. was initially registered in May of 2013 through GODADDY.COM, LLC. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Dallas, Texas within the United States which resides on the Akamai Technologies, Inc. network. The domain is associated with the publisher Perion Network Ltd. who is located in Tel Aviv, Israel.
Registrar:
GODADDY.COM, LLC

Server location:
Texas, United States (US)

Create date:
Sunday, May 05, 2013

Expires date:
Sunday, January 01, 2017

Updated date:
Tuesday, January 06, 2015

ASN:
AS20940 AKAMAI-ASN1 Akamai International B.V.,US

Root domain:

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.ClientConnect.M, PUP.Installer.ClientConnect.P, PUP.Perion.T, PUP.ClientConnect.AA, PUP.Win.Reputation, PUP.Perion.V, PUP.Perion Partner.PaloAltoTechnologies.Bundler (M), PUP.Conduit.ClientConnect.Installer (M), PUP.Perion.Bundler (M), PUP.Perion.Bundler.Conduit (M), PUP.Perion.Bundler.Conduit.Installer (M), PUP.Conduit.ClientCo.Installer (M), PUP.Perion Partner.PaloAlto.Bundler (M), PUP.Conduit.Installer (M)
97.96%

Dr.Web
Adware.Conduit.87, Adware.Downware.1895, Trojan.PWS.Stealer.13174, Adware.Conduit.96
28.57%

VIPRE Antivirus
Threat.4786236, Conduit, Trojan.Win32.Generic
26.53%

ESET NOD32
Win32/Toolbar.Conduit.AE, Win32/ClientConnect (variant), Win32/Toolbar.Conduit.AB (variant)
26.53%

avast!
Adware-BRM [PUP], Win32:Adware-BRM [PUP], Win32:Adware-gen [Adw]
22.45%

Malwarebytes
PUP.Optional.ClientConnect, PUP.Optional.Conduit, PUP.Optional.Conduit.A
22.45%

Trend Micro House Call
TROJ_GEN.F47V0606, Suspicious_GEN.F47V0623, TROJ_GEN.F47V0512, Suspicious_GEN.F47V0616, TROJ_GEN.F47V0505, Suspicious_GEN.F47V0721, Suspicious_GEN.F47V0711
20.41%

Baidu Antivirus
Adware.Win32.Conduit, Adware.Win32.Perinet, PUA.Win32.Perinet, Trojan.Win32.ClientConnect, Adware.Win32.Toolbar, PUA.Win32.ClientConnect
20.41%

Fortinet FortiGate
Riskware/Toolbar_Conduit, Riskware/ClientConnect, Riskware/Agent
20.41%

AVG
Generic
16.33%

IKARUS anti.virus
PUA.ClientConnect, PUA.Toolbar.Conduit
12.24%

Kaspersky
not-a-virus:WebToolbar.Win32.Perinet, not-a-virus:WebToolbar.Win32.Agent
12.24%

McAfee
Artemis!AFBB9E4BEC37, Artemis!89E9899B9041, Artemis!4D681B5C1684, Artemis!824461472DD8, RDN/Generic PUP.x!c2r
10.20%

McAfee Web Gateway
Artemis!AFBB9E4BEC37, Artemis!89E9899B9041, Artemis!BFFFB21FD6CE, RDN/Generic PUP.x!c2r
10.20%

ESET NOD32
Win32/ClientConnect.A potentially unwanted application, Win32/Toolbar.Conduit.AE potentially unwanted application
6.12%

The domain dde.de.drive-files-b.com has been seen to resolve to the following 78 IP addresses.

a104-96-221-139.deploy.static.akamaitechnologies.com
July 25, 2016

a104-96-221-107.deploy.static.akamaitechnologies.com
July 22, 2016

a104-96-221-83.deploy.static.akamaitechnologies.com
July 22, 2016

209.66.87.35.IPYX-073920-004-ZYO.zip.zayo.com
July 18, 2016

209.66.87.32.IPYX-073920-004-ZYO.zip.zayo.com
July 18, 2016

June 27, 2016

June 27, 2016

a104-96-220-129.deploy.static.akamaitechnologies.com
June 8, 2016

June 8, 2016

June 8, 2016

June 6, 2016

June 6, 2016

a104-96-220-160.deploy.static.akamaitechnologies.com
May 18, 2016

a104-96-220-136.deploy.static.akamaitechnologies.com
May 18, 2016

April 16, 2016

a23-3-13-200.deploy.static.akamaitechnologies.com
April 13, 2016

a23-3-13-193.deploy.static.akamaitechnologies.com
April 13, 2016

a23-3-13-249.deploy.static.akamaitechnologies.com
April 13, 2016

a23-3-13-226.deploy.static.akamaitechnologies.com
April 13, 2016

a23-3-13-211.deploy.static.akamaitechnologies.com
April 13, 2016

a23-3-13-208.deploy.static.akamaitechnologies.com
April 13, 2016

a23-3-13-224.deploy.static.akamaitechnologies.com
April 10, 2016

a23-3-13-203.deploy.static.akamaitechnologies.com
April 10, 2016

a23-3-13-240.deploy.static.akamaitechnologies.com
April 10, 2016

a23-0-160-88.deploy.static.akamaitechnologies.com
February 10, 2016

a23-0-160-99.deploy.static.akamaitechnologies.com
February 1, 2016

a23-0-160-89.deploy.static.akamaitechnologies.com
February 1, 2016

February 1, 2016

February 1, 2016

a23-62-236-35.deploy.static.akamaitechnologies.com
May 4, 2015

 
Showing 30 of 78 IP Addresses

File downloads found at URLs served by dde.de.drive-files-b.com.

11 / 68    (Adware)

 
Latest 30 of 370 download URLs

The following 390 files have been seen to comunicate with dde.de.drive-files-b.com in live environments.

 
Latest 20 of 449 files

URL:
http://dde.de.drive-files-b.com/

Web server:
Microsoft-IIS/7.5 (ASP.NET)