dl2.v47installer.com

Domain Registries Foundation

Domain Information

The domain dl2.v47installer.com registered by Domain Registries Foundation was initially registered in February of 2016 through ENOM, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dulles, Virginia within the United States which resides on the Limelight Networks, Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
Virginia, United States (US)

Create date:
Wednesday, February 10, 2016

Expires date:
Friday, February 10, 2017

Updated date:
Wednesday, February 10, 2016

ASN:
AS22822 LLNW-AS Limelight Networks, INC. proxy AS object

Root domain:

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.SecureInstall.L, PUP.Installer.SecureInstall.K, PUP.Installer.SecureInstall.G, PUP.Installer.SecureInstall.F, PUP.Installer.InstallX, PUP.InstallX.SecureInstall.Installer (M), PUP.InstallX.SafeInstall.Installer (M), PUP.InstallX.SecureIn.Installer (M), PUP.InstallX (M)
97.83%

Malwarebytes
PUP.Optional.SafeInstall.A
69.57%

NANO AntiVirus
Riskware.Win32.Searcher.csnymk, Trojan.Win32.Searcher.csnymk
69.57%

Dr.Web
Adware.Searcher.2593, Adware.InstallIQ.2, Adware.Downware.2512, Adware.InstallIQ.3, Adware.Downware.2968
69.57%

VIPRE Antivirus
InstallIQ Installer
69.57%

McAfee
Artemis!9B0EF7D18E01, Artemis!3DD7A96AEE23, Artemis!E8CF72AEA1C9, Artemis!C4A8EECDA7F4, Artemis!9A725E1D7935, Artemis!507B3EE96EDC, Artemis!AA795C621E76, Artemis!459CD5527DA8, Artemis!6A4FF86A4C14, PUP-FLX, Artemis!A4B85577E7B4, Artemis!E56379CAE13E, Artemis!B8F9EB1AB62D
67.39%

McAfee Web Gateway
Artemis!9B0EF7D18E01, Heuristic.BehavesLike.Win32.Suspicious-BAY.K, Artemis!E8CF72AEA1C9, Artemis!9A725E1D7935, Artemis!507B3EE96EDC
67.39%

Sophos
DomainIQ pay-per install, InstallQ, PUA 'InstallQ', PUA 'DomainIQ pay-per install'
67.39%

ESET NOD32
Win32/InstallIQ (variant)
65.22%

Trend Micro House Call
TROJ_GEN.F47V0411, TROJ_GEN.F47V0314, TROJ_GEN.F47V0502, TROJ_GEN.F47V0315, TROJ_GEN.F47V0426, Suspicious_GEN.F47V0627, Suspicious_GEN.F47V0704
63.04%

AVG
MultiBundle, Generic_r, Adware Generic_r.NT
63.04%

Kaspersky
not-a-virus:Downloader.NSIS.Agent
63.04%

K7 Gateway Antivirus
Unwanted-Program , Trojan
58.70%

K7 AntiVirus
Unwanted-Program , Trojan
58.70%

Antiy Labs AVL
Trojan/Win32.TSGeneric, RiskWare[Downloader:not-a-virus]/NSIS.Agent
58.70%

The domain dl2.v47installer.com has been seen to resolve to the following 10 IP addresses.

August 13, 2016

July 20, 2016

.
July 6, 2016

June 29, 2016

February 13, 2016

November 10, 2014

cdn-208-111-161-254.iad.llnw.net
May 1, 2014

cdn-208-111-160-6.iad.llnw.net
May 1, 2014

April 11, 2014

April 11, 2014

File downloads found at URLs served by dl2.v47installer.com.

1 / 68      (Adware)

1 / 68      (Adware)

37 / 68    (Adware)

1 / 68      (Adware)

38 / 68    (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

27 / 68    (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

34 / 68    (Adware)

35 / 68    (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

37 / 68    (Adware)

27 / 68    (Adware)

36 / 68    (Adware)

31 / 68    (Adware)

33 / 68    (Adware)

 
Latest 30 of 215 download URLs

The following 150 files have been seen to comunicate with dl2.v47installer.com in live environments.

 
Latest 20 of 292 files

URL:
http://dl2.v47installer.com/

Title:
“v47installer.com”

Web server:
Apache