dl01.faddmr.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain dl01.faddmr.com is registered by proxy through GODADDY.COM, LLC and was originally registered in April of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Thursday, April 25, 2013

Expires date:
Monday, April 25, 2016

Updated date:
Friday, May 01, 2015

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC,US

Root domain:

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Solimba.AppsInstaller.Installer (M), PUP.Outbrowse.Bundler (M), PUP.Solimba.AppsInst.Bundler (M), PUP.Solimba.Bechiro.Bundler (M), PUP.installCore.ClickMeI.Installer (M), PUP.Solimba (M)
100.00%

Malwarebytes
PUP.Optional.Solimba
24.49%

K7 Gateway Antivirus
Unwanted-Program
24.49%

K7 AntiVirus
Unwanted-Program
24.49%

avast!
Solimba-C [PUP]
24.49%

Sophos
PUA 'Solimba Installer'
24.49%

Comodo Security
Application.Win32.Solimba.GW
24.49%

Dr.Web
Adware.Downware.1125
24.49%

VIPRE Antivirus
DownloadMR, Threat.4782980
24.49%

Avira AntiVirus
APPL/Solimba.Gen
24.49%

Vba32 AntiVirus
TScope.Trojan.MSIL, Signed-Downware.Morstar.AppsInstallerSL
24.49%

ESET NOD32
MSIL/Solimba.U potentially unwanted application, MSIL/Solimba potentially unwanted application
24.49%

Rising Antivirus
PE:PUF.FirseriaInstaller@CV!1.5C42
24.49%

Fortinet FortiGate
Adware/Solimba
24.49%

Agnitum Outpost
PUA.Solimba
24.49%

The domain dl01.faddmr.com has been seen to resolve to the following 6 IP addresses.

May 17, 2016

April 14, 2016

ec2-54-72-9-51.eu-west-1.compute.amazonaws.com
April 7, 2016

ip-50-63-202-56.ip.secureserver.net
May 5, 2015

ip-50-63-202-57.ip.secureserver.net
May 4, 2015

hadl.lw100.1e111.net
December 13, 2013

File downloads found at URLs served by dl01.faddmr.com.

1 / 68      (Adware)
http://dl01.faddmr.com/n/.../Setup.exe  (a33b0167f3989fea4dff30974bd54be9)

1 / 68      (Adware)
http://dl01.faddmr.com/n/.../Setup.exe  (79e5b8020e7661b897fc653c4ed6aff8)

1 / 68      (Adware)
http://dl01.faddmr.com/n/.../Setup.exe  (35539a3085ffa587eac5342a90bbd709)

1 / 68      (Adware)
http://dl01.faddmr.com/n/3.0.19.4/.../Setup.exe  (c4aebcb48a7bd0dc692faf0f82c55751)

1 / 68      (Adware)
http://dl01.faddmr.com/n/.../Setup.exe  (c057f2945a7ab473f866bc0553ba1a6b)

1 / 68      (Adware)
http://dl01.faddmr.com/n/.../Setup.exe  (1b0c9713e6dc4c2a552151f3ba7bece8)

1 / 68      (Adware)
http://dl01.faddmr.com/n/.../Setup.exe  (3224f55f3c285394e0e69ce15627be78)

1 / 68      (Adware)
http://dl01.faddmr.com/n/3.0.14.1/.../Setup.exe  (1f15b12d3a7cc2b68db775b774f2bd25)

27 / 68    (Adware)
http://dl01.faddmr.com/n/3.0.9/.../Setup.exe  (2cc463d8605cff2c78de0ef28cfd6057)

The following 432 files have been seen to comunicate with dl01.faddmr.com in live environments.

 
Latest 20 of 446 files

URL:
http://dl01.faddmr.com/

Web server:
Microsoft-IIS/7.5 (ASP.NET) (Version: 4.0.30319)