dl5.iq8download.com

InstallX, LLC

Domain Information

The domain dl5.iq8download.com, registered by Whois Privacy Shield Services, was initially registered in February of 2016 through ENOM, INC. This domain has been known to host and distribute potentially unwanted software. The hosting servers are located in Ashburn, Virginia, within the United States. The domain uses the Amazon Web Services (AWS) cloud computing platform. The domain is associated with the publisher InstallX, LLC, which is located in Sartell, Minnesota, in the United States.

Registrar: LEONIDAS, LLC
Server location: Virginia, United States (US)
Create date: Thursday, February 11, 2016
Expires date: Saturday, February 11, 2017
Updated date: Sunday, February 14, 2016
ASN: AS14618 AMAZON-AES - Amazon.com, Inc.,US

Root domain:

Scanner detections:
Detections (100% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.Installer.W3i.S, PUP.Installer.W3i.M, PUP.Installer.W3i.W, PUP.Installer.W3i.Q, PUP.Installer.W3i.H, PUP.Installer.W3i.P, PUP.InstallX.W3i.Installer (M) | 100.00% |
| Dr.Web | Adware.W3i.9, Adware.Downware.888 | 87.76% |
| Avira AntiVirus | APPL/InstallIQ.Gen5, Adware/InstallC.B.1 | 87.76% |
| Sophos | InstallQ, PUA 'InstallQ' | 85.71% |
| ESET NOD32 | Win32/InstallIQ (variant), Win32/InstallIQ.A potentially unwanted (variant) | 83.67% |
| Trend Micro House Call | TROJ_FAKEAV.BMC, HV_INSTALLIQ_CG092B87.RDXN, TROJ_SPNR.0CA214, TROJ_GEN.RCBH1A3, TROJ_GEN.R0CBH0AAC14, TROJ_SPNR.0CI312, TROJ_GEN.RCBH1J8, TROJ_GEN.F47V1024, TROJ_GEN.F47V1129 | 81.63% |
| VIPRE Antivirus | InstallIQ Installer, Trojan.Win32.Generic | 77.55% |
| Malwarebytes | PUP.Optional.InstallIQ.A | 69.39% |
| K7 AntiVirus | Unwanted-Program, Trojan | 65.31% |
| Comodo Security | UnclassifiedMalware, Application.Win32.InstallIQ.NTZK, ApplicUnwnt.Win32.AdWare.Agent.~A | 63.27% |
| McAfee Web Gateway | Artemis!132905E8A5FF, Artemis!2BEE4DDE46E2, Artemis!2F629240C572, Artemis!FEEA4686AF65, Artemis!4663DF1BB9FA, Artemis!AAEB3C2BCD92 | 61.22% |
| K7 Gateway Antivirus | Unwanted-Program, Trojan | 61.22% |
| McAfee | Artemis!132905E8A5FF, Artemis!2BEE4DDE46E2, Artemis!2F629240C572, Artemis!FEEA4686AF65, Artemis!4663DF1BB9FA, Artemis!AAEB3C2BCD92, Artemis!29290D22BA60, Artemis!6EEC6A801803, Artemis!3D233CADCFFF, Artemis!2FAD24116C31 | 55.10% |
| MicroWorld eScan | APPL/InstallIQ.Gen5, Win32/InstallIQ, Adware/InstallC.B.1, Trojan.GenericKDV.1157022 | 53.06% |
| Trend Micro | TROJ_FAKEAV.BMC, TROJ_SPNR.0CA214, TROJ_SPNR.0CI312, TROJ_SPNR.0CB713, TROJ_GEN.FCBCBKH, TROJ_GEN.FCBCBKS | 48.98% |

The domain dl5.iq8download.com has been seen to resolve to the following 4 IP addresses.

125.34.148.146.bc.googleusercontent.com
February 15, 2016

ec2-54-210-47-225.compute-1.amazonaws.com
February 15, 2016

May 4, 2015

December 27, 2013

File downloads found at URLs served by dl5.iq8download.com.

Latest 30 of 81 download URLs

The following files have been seen to communicate with dl5.iq8download.com in live environments.

URL: http://dl5.iq8download.com/
Google Analytics: UA-48689684
Title: “iq8download.com”
Network: Amazon Web Services (AWS), running an EC2 instance
Web server: nginx

30 of 261 related domains