dl.wasdmr.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain dl.wasdmr.com is registered by proxy through GODADDY.COM, LLC and was originally registered in July of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in New York City, New York within the United States which resides on the nLayer Communications Internal/Backbone network.
Remove Malware from dl.wasdmr.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
New York, United States (US)

Create date:
Friday, July 05, 2013

Expires date:
Sunday, July 05, 2015

Updated date:
Sunday, July 06, 2014

ASN:
AS4436 AS-GTT-4436 - nLayer Communications, Inc.,US

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.FIRSERIASL.J, PUP.Installer.FIRSERIASL.H, PUP.FIRSERIASL.K, PUP.Installer.BechiroSL.E, PUP.Installer.BechiroSL.R, PUP.Installer.PopelerSystemsl.O, PUP.Installer.EilioDevelopmentssl.Q, PUP.Installer.BechiroSL.M, PUP.Solimba.Bechiro.Bundler (M), PUP.Solimba.PortalProgramas (M)
100.00%

Malwarebytes
PUP.Optional.Solimba.mr, PUP.Optional.Firseria, .PUP.Optional.Solimba
93.75%

VIPRE Antivirus
DownloadMR, Trojan.Win32.Generic, Threat.4782980, Threat.4150696
93.75%

Avira AntiVirus
TR/Dropper.Gen, APPL/Firseria.Gen, APPL/Solimba.Gen, APPL/Firseria.Gen8
93.75%

ESET NOD32
MSIL/Solimba.AB, Win32/FirseriaInstaller (variant)
83.33%

avast!
MSIL:Crypt-KA [PUP], Win32:Solimba-M [PUP], Solimba-Z [PUP]
81.25%

Boost by Reason
Optional.FIRSERIASL.J, Adware.Installer.FIRSERIASL.H
77.08%

Dr.Web
Adware.Downware.1424, Adware.Downware.1433, Adware.Downware.1302, Trojan.DownLoader11.24441
27.08%

Sophos
Solimba Installer, PUA 'Solimba Installer'
27.08%

AVG
AdInstaller.Firseria, Adware AdInstaller.Firseria, Skodna.Generic, Adware Skodna.Generic.AMG
27.08%

Agnitum Outpost
PUA.Solimba, PUA.Downloader
25.00%

G Data
Gen:Application.Bundler.Firseria, Gen:Variant.Application.Bundler.Kazy.132995, MSIL.Application.Solimba, Win32.Application.Solimba
22.92%

Comodo Security
Application.Win32.Solimba.J, TrojWare.Win32.Trojan.Obfuscated.~EN, Application.Win32.Solimba.L, Application.Win32.Solimba.LSW
20.83%

SUPERAntiSpyware
Adware.Solimba, PUP.Morstar/Variant, Adware.Solimba/Variant
20.83%

IKARUS anti.virus
AdWare, AdWare.BundleApp, not-a-virus:Downloader.Morstar, not-a-virus:Downloader.NSIS
20.83%

The domain dl.wasdmr.com has been seen to resolve to the following 21 IP addresses.

a23-62-7-41.deploy.static.akamaitechnologies.com
November 29, 2014

a23-62-7-57.deploy.static.akamaitechnologies.com
November 29, 2014

a23-0-160-32.deploy.static.akamaitechnologies.com
September 21, 2014

a23-0-160-82.deploy.static.akamaitechnologies.com
September 21, 2014

a23-0-160-49.deploy.static.akamaitechnologies.com
September 21, 2014

ip-69-31-29-231.nlayer.net
September 18, 2014

ip-69-31-29-191.nlayer.net
September 18, 2014

a23-62-6-90.deploy.static.akamaitechnologies.com
September 18, 2014

a23-62-6-51.deploy.static.akamaitechnologies.com
September 18, 2014

a23-67-242-56.deploy.static.akamaitechnologies.com
April 29, 2014

a23-67-242-58.deploy.static.akamaitechnologies.com
April 29, 2014

a23-67-242-96.deploy.static.akamaitechnologies.com
December 27, 2013

a23-67-242-114.deploy.static.akamaitechnologies.com
December 27, 2013

a23-67-244-163.deploy.static.akamaitechnologies.com
November 16, 2013

a23-67-244-131.deploy.static.akamaitechnologies.com
November 16, 2013

November 16, 2013

November 16, 2013

a23-67-243-18.deploy.static.akamaitechnologies.com
November 16, 2013

a23-67-243-91.deploy.static.akamaitechnologies.com
November 16, 2013

a23-67-242-27.deploy.static.akamaitechnologies.com
November 16, 2013

a23-67-242-66.deploy.static.akamaitechnologies.com
November 16, 2013

File downloads found at URLs served by dl.wasdmr.com.

27 / 68    (Adware)
http://dl.wasdmr.com/n/3.0.15.2/.../Google Chrome.exe  (134e3efbed3794ab21b2158e90853784)

1 / 68      (Adware)
http://dl.wasdmr.com/n/3.0.21/.../Nuestro cuerpo.exe  (3c88a9c038e8b92e5aec7f02d4b4f1d1)

1 / 68      (Adware)
http://dl.wasdmr.com/n/3.0.17.6/.../CutePDF Writer.exe  (0a5dca1251fde2366419b8dd21431b7d)

21 / 68    (Adware)
http://dl.wasdmr.com/n/3.0.17.6/.../Free Live TV.exe  (652301c03569c1f0e9a235722be89ee7)

29 / 68    (Adware)
http://dl.wasdmr.com/n/3.1.22.18.2/.../File_installer.exe  (2123eabd88854e3ff1af3952a49027db)

35 / 68    (Adware)
http://dl.wasdmr.com/n/.../FLV_Media_Player.exe  (5f5a213765f8729c8d3874ad27b01e3a)

29 / 68    (Adware)
http://dl.wasdmr.com/n/.../File_installer.exe  (2123eabd88854e3ff1af3952a49027db)

1 / 68      (Adware)
http://dl.wasdmr.com/n/3.0.15.3/.../Samsung PC Studio.exe  (cc7fd436d554cd2202050c0259d484b8)

1 / 68      (Adware)
http://dl.wasdmr.com/n/3.0.15.2/.../Samsung PC Studio.exe  (cc7fd436d554cd2202050c0259d484b8)

15 / 68    (Adware)
http://dl.wasdmr.com/n/3.0.17.6/.../IMVU.exe  (2bed956117da1be16e506ec659bf1966)

19 / 68    (Adware)
http://dl.wasdmr.com/n/3.0.21/.../DVD Shrink.exe  (1b3219d3df628e07717a27e0e8188b59)

8 / 68      (Adware)
http://dl.wasdmr.com/n/3.0.18.1/.../ImgBurn.exe  (620bff3439ed3388954f5d20e750df6a)

7 / 68      (Adware)

28 / 68    (Adware)

7 / 68      (Adware)

7 / 68      (Adware)

7 / 68      (Adware)

7 / 68      (Adware)

7 / 68      (Adware)

7 / 68      (Adware)

7 / 68      (Adware)

7 / 68      (Adware)

7 / 68      (Adware)

7 / 68      (Adware)

7 / 68      (Adware)

7 / 68      (Adware)

7 / 68      (Adware)

7 / 68      (Adware)

 
Latest 30 of 126 download URLs

The following 193 files have been seen to comunicate with dl.wasdmr.com in live environments.

 
Latest 20 of 193 files

URL:
http://dl.wasdmr.com/

Web server:
nginx (PHP/5.5.18)

Remove Malware from dl.wasdmr.com - Powered by Reason Core Security