dl01.faadmr.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain dl01.faadmr.com is registered by proxy through GODADDY.COM, LLC and was originally registered in April of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dublin, Dublin City within Ireland which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the EU (Ireland) region datacenter.
Registrar:
GODADDY.COM, LLC

Server location:
Dublin City, Ireland (IE)

Create date:
Thursday, April 25, 2013

Expires date:
Saturday, April 25, 2015

Updated date:
Saturday, April 26, 2014

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.FIRSERIASL.J, PUP.FIRSERIASL.V, PUP.Installer.AppsInstallerSL.V, PUP.Installer.AppsInstallerSL.H, PUP.Installer.BechiroSL.V, PUP.Installer.AppsInstallerSL.AA, PUP.Solimba.AppsInstaller.Installer (M), PUP.Solimba.FIRSERIA.Bundler (M), PUP.Solimba.PopelerSystemsl.Installer (M), PUP.Solimba.PortalPr.Bundler (M), PUP.Solimba.PopelerS.Installer (M), PUP.Solimba.PortalPr (M), PUP.Solimba.AppsInst.Bundler (M), PUP.Solimba (M)
100.00%

VIPRE Antivirus
DownloadMR, Threat.4782980
17.39%

avast!
MSIL:Crypt-KA [PUP], Solimba-C [PUP], Win32:Installer-N [PUP], Win32:Solimba-C [PUP]
15.22%

Avira AntiVirus
TR/Dropper.Gen, APPL/Solimba.Gen
15.22%

ESET NOD32
MSIL/Solimba.AB
13.04%

Dr.Web
Adware.Downware.1125, Adware.Downware.1302
13.04%

Trend Micro House Call
ADW_SOLIMBA, TROJ_GEN.F47V0515, TROJ_GEN.F47V0710, TROJ_SPNV.03KC13, TROJ_GEN.F47V0628
13.04%

Sophos
Solimba Installer, DownloadMR
13.04%

Malwarebytes
PUP.Optional.Solimba.mr
10.87%

Comodo Security
Application.Win32.Solimba.GW, UnclassifiedMalware
10.87%

K7 Gateway Antivirus
Unwanted-Program
8.70%

K7 AntiVirus
Unwanted-Program
8.70%

Agnitum Outpost
PUA.Solimba
8.70%

Trend Micro
ADW_SOLIMBA, TROJ_SPNV.03KC13
8.70%

IKARUS anti.virus
nbsp;
8.70%

The domain dl01.faadmr.com has been seen to resolve to the following 15 IP addresses.

September 4, 2016

ec2-54-72-9-51.eu-west-1.compute.amazonaws.com
August 19, 2016

a184-51-126-57.deploy.static.akamaitechnologies.com
September 5, 2014

a184-51-126-33.deploy.static.akamaitechnologies.com
September 5, 2014

a23-0-160-48.deploy.static.akamaitechnologies.com
September 2, 2014

a23-0-160-11.deploy.static.akamaitechnologies.com
September 2, 2014

a23-67-250-128.deploy.static.akamaitechnologies.com
June 21, 2014

a23-67-250-112.deploy.static.akamaitechnologies.com
June 21, 2014

a96-16-98-18.deploy.akamaitechnologies.com
December 18, 2013

a96-16-98-8.deploy.akamaitechnologies.com
December 18, 2013

a96-16-98-112.deploy.akamaitechnologies.com
December 18, 2013

a23-67-242-35.deploy.static.akamaitechnologies.com
November 16, 2013

a23-67-242-10.deploy.static.akamaitechnologies.com
November 16, 2013

November 16, 2013

a23-67-243-96.deploy.static.akamaitechnologies.com
November 16, 2013

File downloads found at URLs served by dl01.faadmr.com.

1 / 68      (Adware)
http://dl01.faadmr.com/n/3.0.21/.../Calcular Nomina.exe  (50ac03ea264c8a211ee412be779042c9)

1 / 68      (Adware)
http://dl01.faadmr.com/n/3.0.7/.../Polar Golfer.exe  (4cfce00b48cd0b8800ee1a7a3d58e0e3)

1 / 68      (Adware)

1 / 68      (Adware)
http://dl01.faadmr.com/n/3.0.15.1/.../Open Sonic.exe  (3761aafa9d1a1598b83145c6a6e2997d)

1 / 68      (Adware)
http://dl01.faadmr.com/n/.../FLV_Media_Player.exe  (6807f40aef3d0ee08f1ed0afb22cd765)

1 / 68      (Adware)

1 / 68      (Adware)
http://dl01.faadmr.com/n/3.0.21/.../Google Chrome.exe  (85c8468df22d0792f0667fd720369860)

1 / 68      (Adware)
http://dl01.faadmr.com/n/3.0.6/.../NOD32 antivirus.exe  (974b72fc8e43c216f47913ae9e355a26)

1 / 68      (Adware)
http://dl01.faadmr.com/n/3.0.7/.../DJ Mix Pro.exe  (8e9fc5a0a62cd88ed061fd33c7f1d02b)

1 / 68      (Adware)
http://dl01.faadmr.com/n/3.0.21/.../CiberLynk YouCam.exe  (226edc6436297e7df1dc509759b2e06c)

1 / 68      (Adware)
http://dl01.faadmr.com/n/3.0.21/.../WebCamSplitter.exe  (77b8174f30319cabe1626c492224978c)

1 / 68      (Adware)

1 / 68      (Adware)
http://dl01.faadmr.com/n/.../Foxit PDF Reader.exe  (c08a5b5e3fc28b531891a42bf7a3c5b3)

1 / 68      (Adware)

1 / 68      (Adware)
http://dl01.faadmr.com/n/3.0.21/.../Audio Editor Pro.exe  (91da118a3c3805df9a8a6e60af24dc21)

1 / 68      (Adware)
http://dl01.faadmr.com/n/3.0.5/.../Mario Bros y Luigi.exe  (957fa5c6afa67af6d14cab0d2c8f742b)

1 / 68      (Adware)
http://dl01.faadmr.com/n/3.0.7/.../CCleaner.exe  (fa3cd399e30d0ab2cc178316a1c54fbb)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)
http://dl01.faadmr.com/n/3.0.15.1/.../Language Reader.exe  (d037c057e706a3d2575ff0c530ad5ef4)

1 / 68      (Adware)
http://dl01.faadmr.com/n/3.0.7/.../FreeMind.exe  (9b5ce2a42fb46188bbfa1665851813f3)

1 / 68      (Adware)
http://dl01.faadmr.com/n/3.0.5/.../Perigeo.exe  (ade0be60d9e4b5d968bff7beec80e204)

1 / 68      (Adware)

1 / 68      (Adware)
http://dl01.faadmr.com/n/.../Avast! Free Antivirus.exe  (a9f5d6099d0439b07380baa1d0231876)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)
http://dl01.faadmr.com/n/3.0.7/.../Virtual DJ.exe  (8493412d0b2664aaa1381a82af20df3a)

25 / 68    (Adware)

1 / 68      (Adware)
http://dl01.faadmr.com/n/3.0.7/.../microsoft office.exe  (49f32eac51f101f5b78e8be09b4f200f)

1 / 68      (Adware)

 
Latest 30 of 46 download URLs

The following 394 files have been seen to comunicate with dl01.faadmr.com in live environments.

TCP » 54.72.9.51:80

 
Latest 20 of 401 files

URL:
http://dl01.faadmr.com/

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx (PHP/5.5.16)