dl5.v39installer.com

REACTIVATION PERIOD

Domain Information

The domain dl5.v39installer.com registered by REACTIVATION PERIOD was initially registered in October of 2013 through ENOM, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Belfast, Northern Ireland within United Kingdom which resides on the RIPE Network Coordination Centre network.
Registrar:
ENOM, INC.

Server location:
Northern Ireland, United Kingdom (GB)

Create date:
Tuesday, October 08, 2013

Expires date:
Wednesday, October 08, 2014

Updated date:
Thursday, November 20, 2014

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.InstallX.D, PUP.Installer.InstallX.K, PUP.Installer.SecureInstall.K, PUP.Installer.InstallX.L, PUP.InstallX.Installer (M)
100.00%

Malwarebytes
PUP.Optional.InstallIQ, PUP.Optional.SafeInstall.A
94.44%

Trend Micro House Call
TROJ_GEN.F47V1112, TROJ_GEN.F47V1219, TROJ_GEN.F47V1025, TROJ_GEN.F47V1211, TROJ_GEN.F47V0407, TROJ_GEN.F47V1220, TROJ_GEN.F47V1210
94.44%

NANO AntiVirus
Trojan.Win32.Searcher.cjaztx, Riskware.Win32.Searcher.csnymk, Riskware.Win32.Searcher.cjaztx
94.44%

Dr.Web
Adware.Searcher.2593, Adware.Downware.1724, Adware.Downware.1426, Adware.Downware.2512
94.44%

VIPRE Antivirus
InstallIQ Installer
94.44%

ESET NOD32
Win32/InstallIQ (variant)
94.44%

XVirus List
Win32.Detected, Win.Detected
88.89%

McAfee
Artemis!D4EB6FF32274, Artemis!34A1D3B16B4C, Artemis!73D92A4F4B90, Artemis!27D3FB6CE1B3, Artemis!079DC217D7B3, Artemis!507B3EE96EDC, Artemis!6A559DDDDA1D, Artemis!F93EE7C87FF5, Artemis!24AE5CB1B73F
88.89%

McAfee Web Gateway
Artemis!D4EB6FF32274, Artemis!34A1D3B16B4C, Artemis!73D92A4F4B90, Heuristic.BehavesLike.Win32.Suspicious-BAY.K, Artemis!079DC217D7B3
88.89%

Comodo Security
Application.Win32.InstallIQ.B
83.33%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud)
83.33%

IKARUS anti.virus
Win32.SuspectCrc, Win32.Malware, Virus.Win32.Heur, PUA.InstallIQ
83.33%

avast!
Win32:Malware-gen, Win32:PUP-gen [PUP]
83.33%

AVG
MalSign.InstallX, MultiBundle
83.33%

The domain dl5.v39installer.com has been seen to resolve to the following 3 IP addresses.

unallocated.barefruit.co.uk
May 3, 2015

September 1, 2014

February 6, 2014

File downloads found at URLs served by dl5.v39installer.com.

33 / 68    (Adware)

25 / 68    (Adware)

1 / 68      (Adware)

13 / 68    (Adware)

20 / 68    (Adware)

27 / 68    (Adware)

20 / 68    (Adware)

20 / 68    (Adware)

20 / 68    (Adware)

21 / 68    (Adware)

20 / 68    (Adware)

20 / 68    (Adware)

20 / 68    (Adware)

20 / 68    (Adware)

20 / 68    (Adware)

20 / 68    (Adware)

20 / 68    (Adware)

27 / 68    (Adware)

20 / 68    (Adware)

20 / 68    (Adware)

20 / 68    (Adware)

21 / 68    (Adware)

21 / 68    (Adware)

21 / 68    (Adware)

 
Latest 30 of 32 download URLs

The following 230 files have been seen to comunicate with dl5.v39installer.com in live environments.

 
Latest 20 of 230 files

URL:
http://dl5.v39installer.com/

Web server:
nginx/1.0.15