home

dl.getz.tv

N/A

Domain Information

The domain dl.getz.tv registered by N/A was initially registered in December of 2012 through DOMAINCONTEXT, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Pokrovka, Primor'Ye within Russia which resides on the RIPE Network Coordination Centre network.
Registrar:
DOMAINCONTEXT, INC.

Server location:
Primor'Ye, Russia (RU)

Create date:
Tuesday, December 4, 2012

Updated date:
Friday, October 16, 2015

ASN:
AS42244 ESERVER Hosting Operator eServer.ru Ltd.,RU

Root domain:
getz.tv

Whois:
3 getz.tv records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.DestinyMedia.o, PUP.DestinyMedia.Installer (M), PUP.DestinyM.Installer (M), PUP (M)
100.00%

Malwarebytes
PUP.Optional.Zona
3.33%

K7 AntiVirus
Unwanted-Program
3.33%

Trend Micro House Call
TROJ_GEN.F47V0410
3.33%

avast!
Win32:Malware-gen
3.33%

Agnitum Outpost
PUA.ZvuZona
3.33%

Sophos
Zona Installer
3.33%

Avira AntiVirus
Adware/ZvuZona.A
3.33%

Vba32 AntiVirus
Signed-Downware.ZvuZona
3.33%

ESET NOD32
Win32/ZvuZona (variant)
3.33%

Rising Antivirus
PE:PUF.Zona!1.9E06
3.33%

Fortinet FortiGate
Riskware/ZvuZona
3.33%

Qihoo 360 Security
HEUR/Malware.QVM18.Gen
3.33%

The domain dl.getz.tv has been seen to resolve to the following IP address.

46.254.16.107
dl.zona.ru
April 16, 2014

File downloads found at URLs served by dl.getz.tv.

1 / 68      (PUP)
http://dl.getz.tv/.../ZonaWebSetup.exe  (blue_stone_electronic_new_age_mp3_kollektsiya_albomov.exe)

1 / 68      (PUP)
http://dl.getz.tv/tmp/c8/48/.../call_of_duty_black_ops.exe  (4d1ce075f01dbb1db4c66d65c24a20ce)

13 / 68    (PUP)
http://dl.getz.tv/tmp/e1/0a/.../disco_kat_mandu_-_i_wanna_dance_-_1995_flac_image_.cue_lossless.exe  (waves_all_plugins_bundle_v9r12_vst_x86_x64_win.exe)

13 / 68    (PUP)
http://dl.getz.tv/tmp/8e/33/.../mathcad_14.exe  (waves_all_plugins_bundle_v9r12_vst_x86_x64_win.exe)

13 / 68    (PUP)
http://dl.getz.tv/tmp/5a/72/.../microsoft_office_2010_polnaya_versiya.exe  (waves_all_plugins_bundle_v9r12_vst_x86_x64_win.exe)

13 / 68    (PUP)
http://dl.getz.tv/tmp/0c/00/.../waves_all_plugins_bundle_v9r12_vst_x86_x64_win.exe  (b1fb95b5fc4e636d332769f5dcfb685d)

The following 10 files have been seen to comunicate with dl.getz.tv in live environments.

TCP » 46.254.16.107:80
zona.exe (Zona by Destiny Media)

TCP » 46.254.16.107:80
zona.exe (Zona by Destiny Media)

TCP » 46.254.16.107:80
zonasetup_latest.exe

TCP » 46.254.16.107:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 46.254.16.107:80
zona.exe (Zona by Destiny Media)

TCP » 46.254.16.107:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 46.254.16.107:80
zona.exe

TCP » 46.254.16.107:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 46.254.16.107:80
{5b8ef8f0-4707-4f0b-9d13-e609bf68d768} (Zona installer by Destiny Media)

TCP » 46.254.16.107:80
zonasetup_1.0.0.0.exe

zona.ru

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.