home

dl1.afterdawn.com

AfterDawn Oy

Domain Information

The domain dl1.afterdawn.com registered by AfterDawn Oy was initially registered in March of 1999 through CSL COMPUTER SERVICE LANGENBACH GMBH D/B/A JOKER.COM. This domain has been seen distributing various forms of adware (some being very aggressive) directly or via bundled installations. The hosted servers are located in Amsterdam, Noord-Holland within Netherlands which resides on the RIPE Network Coordination Centre network. The domain is associated with the publisher AfterDawn who is located in Oulu, Finland.
Registrar:
CSL COMPUTER SERVICE LANGENBACH GMBH D/B/A JOKER.COM

Server location:
Noord-Holland, Netherlands (NL)

Create date:
Wednesday, March 31, 1999

Expires date:
Sunday, March 31, 2019

Updated date:
Tuesday, February 11, 2014

ASN:
AS60781 LEASEWEB-NL LeaseWeb B.V.,NL

Root domain:
afterdawn.com

Whois:
1 afterdawn.com record

Scanner detections:
Adware distribution

Scan engine
Details
Detections

Rising Antivirus
PE:PUF.OpenCandy!1.9DE5, PE:Trojan.Win32.SpeedingUpMyPC.a!1075357520, PE:Malware.RDM.39!5.2D[F1]
38.46%

Reason Heuristics
PUP.iMesh.Installer.Installer.Meta (L), PUP.DigitalWave.Bundler (L), PUP.DigitalWave.Bundler.Installer.Meta (L), (M), Win32.Generic
38.46%

ESET NOD32
Win32/OpenCandy, Win32/OpenCandy.C potentially unsafe (variant), Win32/OpenCandy.A potentially unsafe (variant)
30.77%

Dr.Web
Adware.OpenCandy.3, Adware.Toolbar.576, Adware.Toolbar.665
23.08%

G Data
Trojan.GenericKD.1630386, Win32.Application.Dealply, Win32.Application.OpenCandy
23.08%

Bkav FE
W32.Clodabf.Trojan, W32.Clod26e.Trojan
15.38%

Malwarebytes
PUP.Optional.OpenCandy
15.38%

Trend Micro House Call
ADW_OPENCANDY, Suspicious_GEN.F47V0506
15.38%

XVirus List
Win.Detected
15.38%

Fortinet FortiGate
Riskware/OpenCandy
15.38%

Agnitum Outpost
Adware.OpenCandy
7.69%

Trend Micro
ADW_OPENCANDY
7.69%

Vba32 AntiVirus
AdWare.OpenCandy
7.69%

AhnLab V3 Security
ASD.Prevention
7.69%

Quick Heal
(Suspicious) - DNAScan
7.69%

The domain dl1.afterdawn.com has been seen to resolve to the following IP address.

95.211.209.194
imuri01.afterdawn.net
May 5, 2015

File downloads found at URLs served by dl1.afterdawn.com.

0 / 68
http://dl1.afterdawn.com/download/c8bdfb4034afc96aee6a8b1bf258b1a2/57371f57/.../CoreTemp32_v.10-rc6.zip  (e2358bca587c6a82dd519d925b7a0af8)

0 / 68
http://dl1.afterdawn.com/download/ed5b0865626d039b3a4f14c3b0e9f4d7/578ccb14/.../utorrent-3.0.25570.x64.exe  (uTorrent.exe)

0 / 68
http://dl1.afterdawn.com/download/c3b628dac23d26ef267ba5a20a6d4d8e/578e22c5/.../install_flashplayer11x32_mssd_aih_11.6.602.180.exe  (install_flashplayer11x32_mssa_aih.exe)

0 / 68
http://dl1.afterdawn.com/download/681b78d9d20d8ef1bda274df2b608a5a/566b1a61/.../MameUI32_0.155.7z  (c9f39e5f857c5c78a0eb867c28c6ff9b)

0 / 68
http://dl1.afterdawn.com/download/736c33780822da8016190706360d14b3/572858c9/.../Firefox_Setup_18.0.1.exe  (7zS.sfx.exe)

1 / 68
http://dl1.afterdawn.com/download/79a84b5c715e51e00655c4980a9c6271/554e0cca/.../mp3DC220.exe  (7159533de29017dca87f100f31d625bd)

0 / 68
http://dl1.afterdawn.com/download/ec794ba9adbf47850502bfb8db8201a8/577763c2/.../FreeYouTubeToMP3Converter_v4.1.23.620.exe  (2bd40e6f_stp.exe)

0 / 68
http://dl1.afterdawn.com/download/78f79a2e282b86eb1b31c3ad91a04143/577ea88d/.../VobSub_2.23.exe  (5d40396f076d9751150e975ee90db1be)

0 / 68
http://dl1.afterdawn.com/download/9f12b1a301fa818d50ab8a4bf992d927/57779ced/.../CameraView_v1.0.zip  (11bb60cb04fbe6403b8c59bf6397f330)

0 / 68
http://dl1.afterdawn.com/download/dc79a1544d818bbf2da35b6d7eb412a1/576d6324/.../FreeYouTubeDownload_v4.1.23.620.exe  (70ce564c_stp.exe)

1 / 68      (PUP)
http://dl1.afterdawn.com/download/b8a525842d7a440e64a690674dbb4122/578947b7/.../DriverPack-Online_v17.6.3.exe  (driverpack-online_467818316.1458298228.exe)

0 / 68
http://dl1.afterdawn.com/download/41ccdb1b27faaa4efdbf9fee73876c47/5779ee96/.../TeamViewer_Setup_v4.1.6194.exe  (teamviewer_setup.exe)

0 / 68
http://dl1.afterdawn.com/download/79cf521c5069b03baff4c76473075f73/57284d16/.../teracopy3a4.exe  (45d0eae1495de6b791940438419d6006)

0 / 68
http://dl1.afterdawn.com/download/2bedac72c3be7096acad2e4798bcd50c/577cf4c7/.../HDHackerPortable_1.4_Rev_2.paf.exe  (f40a5942d277c3c908b1ce0ddb524566)

1 / 68      (inconclusive)
http://dl1.afterdawn.com/download/b4f73ce5c102f89ace4826b804fdb2ed/56a93403/.../vlc-2.2.2-win32.exe  (65133da829359a4e4079d965d05ba5bf)

8 / 68      (PUP)
http://dl1.afterdawn.com/download/ec268506129ea19b28f46aeeaa9d8d60/56a23dea/.../FreeYouTubeDownload_v4.1.1.118.exe  (freeyoutubedownload.exe)

0 / 68
http://dl1.afterdawn.com/download/108b4e44dd4f5c870e8490bd90b83544/56082d01/.../PD-Proxy_VPN_v2.2.0.zip  (7d20e921cd4e37e5330d6d130899fbc3)

0 / 68
http://dl1.afterdawn.com/download/928e52f33c5e8fec47b0818de20e34b7/56615a02/.../SLIC_ToolKit_V3.2.rar  (f461b2f8b609ce83016d4f1121983dc6)

0 / 68
http://dl1.afterdawn.com/download/3a54ef50d4797adc25b368f72d70b3a4/577a4a47/.../rebox.NET.2991.zip  (70aa789f8b0638e71ee83593e7e972a4)

11 / 68    (false positives)
http://dl1.afterdawn.com/download/6a0d36d7faf2348d237d4dfa71f12b2b/56df6c15/.../FreemakeVideoDownloaderFull_v3.8.0.7.exe  (freemakevideodownloaderfull.exe)

0 / 68
http://dl1.afterdawn.com/download/8727005e8ef2a9ea00741dc2113e7886/55ebc6c3/.../Padus_Disc_Juggler_setup_v6.00.1400.exe  (1528d6da02256d5a469a9358eff59648)

0 / 68
http://dl1.afterdawn.com/download/b9c5693804be7cf68b938199cdabedc3/56f56f58/.../wirelesskeyview_v1.72.zip  (wirelesskeyview.zip)

0 / 68
http://dl1.afterdawn.com/download/fcf92831133d0100a365f702a000859e/576a920b/.../w7inst_v1.4.2.0.exe  (w7inst142.exe)

2 / 68      (PUP)
http://dl1.afterdawn.com/download/598d67f830ae17d7415933cc233d1899/57689a65/.../iMesh_v12.exe  (imesh_setup.exe)

0 / 68
http://dl1.afterdawn.com/download/c5dfc6a40a651bb1b3ea310221bfbefa/576a5e37/.../install_flashplayer11x32_mssd_aih_11.6.602.180.exe  (install_flashplayer11x32_mssa_aih.exe)

0 / 68
http://dl1.afterdawn.com/download/4d15d56f7cedf9d6b76a99884c9e5b27/576333a8/.../dvdshrink32setup1.zip  (dvdshrink32setup.zip)

2 / 68
http://dl1.afterdawn.com/download/49e6f23cb53525fc93b4d26be7948b2c/5670698d/.../tvplayer_v4.9.5.0.exe  (tvplayer.exe)

3 / 68      (PUP)
http://dl1.afterdawn.com/download/94ae68d8a8dcedb8c9d2b913af30dc21/5551067e/.../FreeYouTubeDownload_v3.2.58.505.exe  (freeyoutubedownload.exe)

0 / 68
http://dl1.afterdawn.com/download/41068a1a0c99cf829867ff58b2b7ec13/576b9842/.../winhoc_v1.0.0.0.exe  (704d4c295d72479c97f8a15c8b5add3e)

0 / 68
http://dl1.afterdawn.com/download/126f852d5265e9657dd316ddfaa95eb5/576d9353/.../vegaspro11.0.370_32bit.exe  (dfe0c5ddde6db4505c6671c86a369c64)

 
Latest 30 of 255 download URLs

The following 6 files have been seen to comunicate with dl1.afterdawn.com in live environments.

TCP » 95.211.209.194:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 95.211.209.194:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 95.211.209.194:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 95.211.209.194:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 95.211.209.194:80
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

TCP » 95.211.209.194:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

URL:
http://dl1.afterdawn.com/

Google Analytics:
UA-2099875

Title:
“AfterDawn: Software downloads”

Description:
“Large selection of reviewed shareware and freeware software.”

download.fi

blasteroids.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.