dl.down324.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain dl.down324.com is registered by proxy through GODADDY.COM, LLC and was originally registered in July of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Amsterdam, Noord-Holland within Netherlands which resides on the RIPE Network Coordination Centre network.
Remove Malware from dl.down324.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Noord-Holland, Netherlands (NL)

Create date:
Wednesday, July 17, 2013

Expires date:
Sunday, July 17, 2016

Updated date:
Saturday, July 18, 2015

ASN:
AS16265 LEASEWEB LeaseWeb B.V.

Root domain:

Scanner detections:
Detections  (88% detected)

Scan engine
Details
Detections

Rising Antivirus
PE:Trojan.Zbot!6.103C, PE:Backdoor.Hupigon!6.1FD, PE:PUF.FirseriaInstaller@CV!1.5C42, PE:PUF.FirseriaInstaller@CV!1.9C54
100.00%

K7 Gateway Antivirus
Unwanted-Program
100.00%

K7 AntiVirus
Unwanted-Program , Trojan
100.00%

Comodo Security
ApplicUnwnt, Application.Win32.Solimba.L, TrojWare.Win32.Trojan.Obfuscated.~EN, Application.Win32.AirAdInstaller.A
100.00%

Avira AntiVirus
ADWARE/InstallCore.Gen7, APPL/Solimba.Gen, TR/Crypt.XPACK.Gen, ADWARE/Adware.Gen
100.00%

AVG
Agent.F, Adware Skodna.Generic.AMG, Adware BundleApp.H, Generic_r
100.00%

Reason Heuristics
PUP.Installer.Conversionads.T, PUP.Installer.BechiroSL.F, PUP.Installer.Solimba, PUP.Air Software.AirSoftware.Bundler (M), PUP.Solimba.Bechiro.Bundler (M)
100.00%

Malwarebytes
PUP.Optional.InstallCore.A, PUP.Optional.Solimba, PUP.Optional.Firseria, PUP.Optional.AirAdInstaller
95.83%

Sophos
Conversion Ads, Solimba Installer, PUA 'Solimba Installer', AirInstaller
95.83%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4782980, DownloadMR, Threat.4150696, Iminent
95.83%

SUPERAntiSpyware
PUP.InstallCore/Variant, Adware.Solimba/Variant, Adware.AirInstaller/Variant
95.83%

IKARUS anti.virus
SoftwareBundler, PUA.Bechiro, Trojan.Patched, Win32.Malware
95.83%

Dr.Web
Adware.Downware.1302, Adware.Downware.1433, Adware.Downware.2035
95.83%

Vba32 AntiVirus
Signed-Downware.Morstar.BechiroSL, TScope.Trojan.MSIL, AdWare.AirAdInstaller.ajov
95.83%

NANO AntiVirus
Trojan.Win32.Generic.cskuge, Trojan.Win32.Firser.dmoatt, Riskware.Win32.AirAdInstaller.cwbkcs
95.83%

The domain dl.down324.com has been seen to resolve to the following 7 IP addresses.

ec2-54-225-92-8.compute-1.amazonaws.com
May 3, 2015

ec2-54-225-146-71.compute-1.amazonaws.com
May 3, 2015

ec2-54-235-219-29.compute-1.amazonaws.com
December 2, 2014

ec2-75-101-142-114.compute-1.amazonaws.com
December 2, 2014

ec2-54-197-235-95.compute-1.amazonaws.com
September 3, 2014

ec2-75-101-156-240.compute-1.amazonaws.com
September 3, 2014

hadl.lw100.1e111.net
August 29, 2013

File downloads found at URLs served by dl.down324.com.

25 / 68    (Adware)
http://dl.down324.com/n/3.0.17.6/.../Setup.exe  (f4a9f9fbd33bbb5b942cf36a080a8f72)

1 / 68
http://dl.down324.com/n/.../Setup.exe  (vlc-2.1.1-win32.exe)

36 / 68    (Adware)
http://dl.down324.com/n/3.0.18.4/.../Setup.exe  (0872ca2377f46a262e1738989ca9a9ca)

29 / 68    (Adware)
http://dl.down324.com/n/3.0.17.6/.../Setup.exe  (d634d77e9e775ca59fdd0037388cbfec)

29 / 68    (Adware)
http://dl.down324.com/n/.../Setup.exe  (d634d77e9e775ca59fdd0037388cbfec)

24 / 68    (Adware)
http://dl.down324.com/n/3.0.17.6/.../Setup.exe  (f73d5a231ce9700c1b1d427b735aae05)

24 / 68    (Adware)
http://dl.down324.com/n/.../Setup.exe  (f73d5a231ce9700c1b1d427b735aae05)

0 / 68
http://dl.down324.com/n/3.0.18.1/.../Setup.exe  (08b037e7f14b8a5484bd0486f54d9c3a)

Facebook:
Shares:  3

Statistics are for the previous month.

Remove Malware from dl.down324.com - Powered by Reason Core Security