home

directx12.joydownload.com.br

lars jensen

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon.com, Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Server location:
Virginia, United States (US)

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Root domain:
joydownload.com.br

Whois:
1 joydownload.com.br record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

McAfee
Adware-Opencandy, Artemis!A2199F4D5E46
100.00%

Malwarebytes
PUP.Optional.OpenCandy
100.00%

Trend Micro House Call
Suspici.F184F561, Suspici.218D75EB
100.00%

VIPRE Antivirus
Opencandy, Sevas-S Installer
100.00%

ESET NOD32
Win32/JoyDownloader
100.00%

IKARUS anti.virus
PUA.JoyDownloader
100.00%

AVG
Generic
100.00%

Reason Heuristics
PUP.InnovativeSystems.E
100.00%

Agnitum Outpost
Riskware.Agent
50.00%

Dr.Web
Adware.Downware.6712
50.00%

Avira AntiVirus
APPL/Downloader.Gen
50.00%

G Data
Win32.Adware.OpenCandy
50.00%

Baidu Antivirus
Adware.Win32.JoyDownloader
50.00%

K7 AntiVirus
Unwanted-Program
50.00%

avast!
Win32:Adware-gen [Adw]
50.00%

The domain directx12.joydownload.com.br has been seen to resolve to the following 4 IP addresses.

23.21.241.197
ec2-23-21-241-197.compute-1.amazonaws.com
December 2, 2014

23.23.159.111
ec2-23-23-159-111.compute-1.amazonaws.com
December 2, 2014

107.22.254.230
ec2-107-22-254-230.compute-1.amazonaws.com
September 27, 2014

184.73.244.120
ec2-184-73-244-120.compute-1.amazonaws.com
September 27, 2014

File downloads found at URLs served by directx12.joydownload.com.br.

8 / 68      (Adware)
http://directx12.joydownload.com.br/get_file/wUiS4WnYccXDyCf4UfO5CV530RJ0YyqsWxL7as6H7KFjviG2o2pgwJgEK031PuSgayb 0l8bOGGGCeGkCr50ybpq1oXEUx6apiX BwX9u3GtzayFvNKbm2VBs5cxh1FCXWSsSTR3ntF2vTnxGWmeSq4bkZm1aHBEerJxJRsFIe uAmh0O8TILAkjhKnlFC43c8b41 cnWyH66xiajvQ1DpO5cMutanlf2ci2XuMglQ9DtNSon1O7ZKJ/hXjuAs5Du4/.../kxdYHGS7rFAzxsZGp  (dx11.exe)

16 / 68    (Adware)
http://directx12.joydownload.com.br/get_file/wUiS4WnYccXEwj /TeqjC1c0kw48PjymGR37ZdjRvOh152b0sDErn8kFbk3lYqn9OmG3g15ZMmmeT7DkWOlmivwimNSWRAaY9T2sVQSi6z/3ivfDpZrSk2lZ5dEiiBZIVXy1Cyx 18kq9Dm8AzeLS/.../CGOo5AWTyKouFpn esCkfXlfzcr F 0ujUtMsd3vhhvyZqBnw2SnAtEIppKpSDrjsJuC2XV0db0aT4I2enUguvDnRE5zhVW60ddWEiTpBwv7sZGp  (dx11.exe)

The following file have been seen to comunicate with directx12.joydownload.com.br in live environments.

TCP » 23.21.241.197:80
install_flash_player-oc-jd.exe

URL:
http://directx12.joydownload.com.br/

Title:
“DirectX - Baixe DirectX 12 Coming soon em Português no JoyDownload”

Description:
“O DirectX foi criado para quem quer jogar com os melhores gráficos, uma rede rápida e com uma sistema de som de primeira - Baixe DirectX última versão aqui.”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx/1.7.6 (PHP/5.3.10-1ubuntu3.8)

Facebook:
Shares:  33

Twitter:
Shares:  1

Statistics are for the previous month.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.