dl01.facdmr.com

Domain Name Acquisitions A, LLC

Domain Information

The domain dl01.facdmr.com, registered by Domain Name Acquisitions A, LLC, was initially registered in April 2013 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. Its hosting servers are located in Cambridge, Massachusetts, United States, on the Akamai Technologies, Inc. network.

Registrar:
GODADDY.COM, LLC

Server location:
Massachusetts, United States (US)

Create date:
Thursday, April 25, 2013

Expires date:
Monday, April 25, 2016

Updated date:
Monday, June 08, 2015

ASN:
AS20940 AKAMAI-ASN1 Akamai International B.V.

Root domain:

Scanner detections:
Detections  (100% detected)

| Scan engine | Details | Detections |
|---|---|---|
| Reason Heuristics | PUP.FIRSERIASL.O, PUP.FIRSERIASL.H, PUP.FIRSERIASL.P, PUP.FIRSERIASL.U, PUP.FIRSERIASL.Q, PUP.Installer.AppsInstallerSL.O, PUP.FIRSERIASL.G, PUP.Installer.PopelerSystemsl.H, PUP.Installer.PopelerSystemsl.S, PUP.Installer.PopelerSystemsl.K, PUP.Installer.SETUPPROCESS.Q, PUP.FIRSERIASL.I, PUP.Installer.PopelerSystemsl.U, PUP.Installer.PopelerSystemsl.DD, PUP.Installer.Solimba, PUP.Installer.EilioDevelopments, Win32.Generic.Installer.Meta, PUP.Solimba.Bundler, PUP.Solimba.EilioDevelopmentssl.Installer (M), PUP.Solimba.FIRSERIA.Bundler (M), PUP.Solimba.PopelerSystemsl.Installer (M) | 100.00% |
| Malwarebytes | PUP.Optional.Firseria, PUP.Optional.InstallCore, .PUP.Optional.Solimba, PUP.Optional.Rapiddown, PUP.BundleInstaller.A | 81.48% |
| Sophos | Solimba Installer, PUA 'Solimba Installer' | 81.48% |
| VIPRE Antivirus | Trojan.Win32.Generic, DownloadMR, Threat.4150696, Threat.4782980 | 77.78% |
| Avira AntiVirus | APPL/Firseria.Gen, TR/Crypt.XPACK.Gen, APPL/Firseria.Gen8, APPL/FirInstaller.B, PUA/Firseria.glop, TR/Dropper.Gen | 77.78% |
| AVG | AdInstaller.Firseria, BundleApp, Adware AdInstaller.Firseria, Generic, Found Luhe.Fiha.A, Adware BundleApp.HA, Adware BundleApp.HC | 77.78% |
| Kaspersky | not-a-virus:Downloader.Win32.Morstar, not-a-virus:Downloader.Win32.Firser, not-a-virus:AdWare.Win32.Fiseria | 74.07% |
| Dr.Web | Adware.Downware.1433, Adware.Downware.1433, Adware.Downware.1433, Trojan.DownLoader11.24441, Trojan.DownLoader11.3502, Adware.Downware.11353 | 74.07% |
| Kingsoft AntiVirus | Win32.Troj.Generic.a.(kcloud), Win32.Troj.DownMorstar.as.(kcloud), Win32.Troj.DownMorstar.o.(kcloud), Win32.Troj.DownMorstar.k.(kcloud) | 74.07% |
| AhnLab V3 Security | PUP/Win32.Firseria, PUP/Win32.Bundler, PUP/Win32.Rapiddown, PUP/Win32.Solimba | 74.07% |
| IKARUS anti.virus | Win32.SuspectCrc, not-a-virus:Downloader.Win32.Morstar, Trojan.Patched, AdWare.BundleApp, not-a-virus:Downloader.Morstar | 74.07% |
| F-Prot | W32/Backdoor2.HTEZ, W32/A-a2151e6a, W32/Firseria.D, W32/Solimba.G.gen, W32/A-a79dd9a7, W32/S-efb18088, W32/Reveton.D | 74.07% |
| K7 AntiVirus | Backdoor , Unwanted-Program , Trojan | 74.07% |
| K7 Gateway Antivirus | Unwanted-Program , Trojan | 70.37% |
| NANO AntiVirus | Trojan.Win32.Morstar.cslwyy, Trojan.Win32.Morstar.delxop, Trojan.Win32.Morstar.creklv, Trojan.Win32.Morstar.dfgpsr, Trojan.Win32.Morstar.dfjwqf | 70.37% |

The domain dl01.facdmr.com has been seen to resolve to the following 14 IP addresses.


File downloads found at URLs served by dl01.facdmr.com.


The following 164 files have been seen to communicate with dl01.facdmr.com in live environments.

 
Latest 20 of 167 files

URL:
http://dl01.facdmr.com/

Web server:
nginx/1.8.0
