home

dl01.facdmr.com

Domain Name Acquisitions A, LLC

Domain Information

The domain dl01.facdmr.com registered by Domain Name Acquisitions A, LLC was initially registered in April of 2013 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dublin, Dublin City within Ireland which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the EU (Ireland) region datacenter.
Registrar:
GODADDY.COM, LLC

Server location:
Dublin City, Ireland (IE)

Create date:
Thursday, April 25, 2013

Expires date:
Monday, April 25, 2016

Updated date:
Monday, June 8, 2015

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.

Root domain:
facdmr.com

Whois:
3 facdmr.com records

Scanner detections:
Detections  (96% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Solimba.EilioDev.Installer (M), PUP.Solimba.FIRSERIA.Bundler (M), PUP.Solimba.RAPIDDOW.Bundler (M), PUP.Solimba.AppsInst.Bundler (M), Win32.Generic, PUP.Solimba.PopelerS.Installer (M), PUP.Solimba.Firseria.Bundler (M), PUP.Solimba.Prelasan (M), PUP.Solimba.SETUPPRO.Bundler (M), PUP.Solimba.POPELERS (M), PUP.Solimba (M)
100.00%

ESET NOD32
MSIL/Solimba.AH potentially unwanted application
2.08%

AVG
Adware BundleApp.HA
2.08%

The domain dl01.facdmr.com has been seen to resolve to the following 19 IP addresses.

185.53.178.8
June 18, 2016

52.18.157.175
ec2-52-18-157-175.eu-west-1.compute.amazonaws.com
April 15, 2016

54.72.9.51
ec2-54-72-9-51.eu-west-1.compute.amazonaws.com
April 15, 2016

185.53.178.12
April 6, 2016

104.130.124.96
April 3, 2016

50.56.218.189
50-56-218-189.static.cloud-ips.com
June 19, 2015

23.62.7.41
a23-62-7-41.deploy.static.akamaitechnologies.com
October 19, 2014

23.62.7.66
a23-62-7-66.deploy.static.akamaitechnologies.com
October 19, 2014

23.62.6.81
a23-62-6-81.deploy.static.akamaitechnologies.com
September 18, 2014

23.62.6.40
a23-62-6-40.deploy.static.akamaitechnologies.com
September 18, 2014

23.0.160.11
a23-0-160-11.deploy.static.akamaitechnologies.com
September 4, 2014

23.0.160.73
a23-0-160-73.deploy.static.akamaitechnologies.com
September 4, 2014

23.67.243.41
a23-67-243-41.deploy.static.akamaitechnologies.com
April 14, 2014

23.67.243.19
March 28, 2014

23.67.243.96
a23-67-243-96.deploy.static.akamaitechnologies.com
March 28, 2014

23.67.244.43
a23-67-244-43.deploy.static.akamaitechnologies.com
March 20, 2014

23.67.244.41
a23-67-244-41.deploy.static.akamaitechnologies.com
March 20, 2014

23.67.250.128
a23-67-250-128.deploy.static.akamaitechnologies.com
January 18, 2014

23.67.250.122
a23-67-250-122.deploy.static.akamaitechnologies.com
January 18, 2014

File downloads found at URLs served by dl01.facdmr.com.

1 / 68      (Adware)
http://dl01.facdmr.com/n/.../FLV_Media_Player.exe  (0c1c9354fb576b2ef84d6f0b64c910b4)

1 / 68      (Adware)
http://dl01.facdmr.com/n/.../File_installer.exe  (435348c406a9d5d8a8ed9548f10c0261)

1 / 68      (Adware)
http://dl01.facdmr.com/n/3.1.24.5/.../Setup.exe  (f6702360d246bcb2c3c57fddb65e7313)

1 / 68      (Adware)
http://dl01.facdmr.com/n/3.1.24.5/.../InterApp Control.exe  (ba55fb3fc14269eb69b03d50336a675a)

1 / 68      (Adware)
http://dl01.facdmr.com/n/3.1.24.5/.../iTunes.exe  (de5012f23a1028b822463c14e6088fee)

1 / 68      (Adware)
http://dl01.facdmr.com/n/3.0.23.4/.../Wifi Auditor.exe  (491e87281a09de6f35f6963f743313a4)

1 / 68      (Adware)
http://dl01.facdmr.com/n/3.1.22.18.4/.../True Caller.exe  (619b1c765dd0e65808644221d6c786a0)

3 / 68      (PUP)
http://dl01.facdmr.com/n/3.1.22.18.2/.../Guitar Pro.exe  (70f307ad46aaf2f507073700224c4b3d)

1 / 68      (Adware)
http://dl01.facdmr.com/n/3.1.22.18.2/.../Freemake Video Downloader.exe  (e823fd707001e8067522b58688485f5f)

1 / 68      (Adware)
http://dl01.facdmr.com/n/3.1.22.18.2/.../PhotoFiltre.exe  (243ca4fdcbd5ba71422cd5b1669344ec)

1 / 68      (Adware)
http://dl01.facdmr.com/n/3.1.22.18.2/.../Ares Galaxy.exe  (93630128d8b386b7fdb895e319f32f77)

1 / 68      (Adware)
http://dl01.facdmr.com/n/3.1.22.18.2/.../PDF24.exe  (0feba77490e3aaf7ac673053589dfb51)

1 / 68      (Adware)
http://dl01.facdmr.com/n/3.0.28.3/.../FLV_Media_Player.exe  (d6cf48a57d14e7fd5c2c0db65aa13fcd)

1 / 68      (Adware)
http://dl01.facdmr.com/n/.../FLV_Media_Player.exe  (f72c1771f89bff8db26902ae2305e2cd)

1 / 68      (Adware)
http://dl01.facdmr.com/n/3.1.22.18.2/.../Internet Explorer.exe  (5fc3251fba000abde301c10d82ca0e21)

1 / 68      (Adware)
http://dl01.facdmr.com/n/.../FLV_Media_Player.exe  (38861971740d813d31c5eabf7e710e91)

1 / 68      (Adware)
http://dl01.facdmr.com/n/3.1.22.18.2/.../PDF to Excel Converter.exe  (1631b06c61f7f55191e267e6ef81125b)

1 / 68      (Adware)
http://dl01.facdmr.com/n/3.1.22.18.4/.../Avast! Free Antivirus.exe  (eb969a1fd10135d54a5c9e640ca64240)

1 / 68      (Adware)
http://dl01.facdmr.com/n/3.1.22.18.2/.../Recuva Portable.exe  (c223c58c6d47ab697ae0c2c651b2560d)

1 / 68      (Adware)
http://dl01.facdmr.com/n/.../AVS_Media_Player.exe  (38cb91fd1f5b1f1e9dd1093cf5e7359e)

0 / 68
http://dl01.facdmr.com/n/.../uTorrent.exe  (fcb1f48fd4c2b0932fc43bfc55c387a9)

1 / 68      (Adware)
http://dl01.facdmr.com/n/3.1.24.5/.../Kingo Android Root.exe  (87cf9c53373b4732a3ba0d32c8d165b0)

1 / 68      (Adware)
http://dl01.facdmr.com/n/3.1.22.18.2/.../iLivid.exe  (2e1c72bb14f6196a6335291db03e119c)

1 / 68      (Adware)
http://dl01.facdmr.com/n/3.0.23.4/.../Adobe Reader.exe  (dfe1b44c456e0e180be5a8f287fcede4)

1 / 68      (Adware)
http://dl01.facdmr.com/n/3.1.22.18.2/.../IncrediMail 2.exe  (84dafec4e4f4fbc6739863fd13f51790)

1 / 68      (Adware)
http://dl01.facdmr.com/n/3.1.22.18.2/.../ScreenHunter Free.exe  (47f1a3f1e31bdc862836b41f837b965d)

1 / 68      (Adware)
http://dl01.facdmr.com/n/3.1.24/.../RealDownloader.exe  (95f73dd1ecb8b6d88d11206b3e60e167)

1 / 68      (Adware)
http://dl01.facdmr.com/n/3.0.23.6/.../Google Chrome.exe  (a3a4cd3f4a70bc6b65802a233daf18df)

1 / 68      (Adware)
http://dl01.facdmr.com/n/3.1.22.18.2/.../CutePDF Writer.exe  (fcdd3a7fdd07ad41719af1402fb49fad)

1 / 68      (Adware)
http://dl01.facdmr.com/n/3.1.22.18.2/.../FLV Player.exe  (57c9b8864cb39bd102606a6d93e22ad2)

 
Latest 30 of 120 download URLs

The following 479 files have been seen to comunicate with dl01.facdmr.com in live environments.

TCP » 54.72.9.51:80
toolbarupdaterservice.exe

TCP » 54.72.9.51:80
hdnInstaller.exe (hdnInstaller)

TCP » 54.72.9.51:80
onedrvup.exe

TCP » 54.72.9.51:80
hdnInstaller.exe (hdnInstaller)

TCP » 54.72.9.51:80
247843.ftf (Optimizer Pro v3.2 by PC Utilities Software Limited)

TCP » 54.72.9.51:80
1799877.exe

TCP » 54.72.9.51:80
IEError.exe (IEError)

TCP » 54.72.9.51:80
install_flashplayer14x32_x64md_aaa_aih.exe (bon joueur)

TCP » 54.72.9.51:80
optimizerproinstaller.exe (Optimizer Pro v3.2 by PCUtilities Software Limited)

TCP » 54.72.9.51:80
charles.exe (by Apple)

TCP » 54.72.9.51:80
onedrv.exe

TCP » 54.72.9.51:80
IEError.exe (IEError)

TCP » 54.72.9.51:80
updater27793.exe (CouponDropDown Plugin by Innovative Apps)

TCP » 54.72.9.51:80
install_flashplayer16x33_masp_aaa_aih.exe (by Apple)

TCP » 54.72.9.51:80
toolbarupdaterservice.exe

TCP » 54.72.9.51:80
hdnInstaller.exe (hdnInstaller)

TCP » 54.72.9.51:80
g.jpg

TCP » 54.72.9.51:80
smlb.jpg

TCP » 54.72.9.51:80
smlb.jpg

TCP » 54.72.9.51:80
hqghumeaylnlf.exe (Optimizer Pro v3.2 by PC Utilities Software Limited)

 
Latest 20 of 488 files

URL:
http://dl01.facdmr.com/

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx/1.8.1

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.