» dl8.iq8download.com
Overview
Analysis
IPs Addresses (4)
Downloads (435)
Network (6)
Website Detail
Related Domains (631)

dl8.iq8download.com

InstallX, LLC

Domain Information

The domain dl8.iq8download.com registered by Whois Privacy Shield Services was initially registered in February of 2016 through ENOM, INC.. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States. The domain uses the Amazon Web Services (AWS) cloud computing platform. The domain is associated with the publisher InstallX, LLC who is located in Sartell, Minnesota in the United States.

Registrant:

Whois Privacy Shield Services for InstallX, LLC

Registrar:

LEONIDAS, LLC

Server location:

Virginia, United States (US)

Create date:

Thursday, February 11, 2016

Expires date:

Saturday, February 11, 2017

Updated date:

Sunday, February 14, 2016

ASN:

AS14618 AMAZON-AES - Amazon.com, Inc.,US

Root domain:

iq8download.com

Whois:

7 iq8download.com records

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Installer.InstallX.T, PUP.Installer.W3i.W, PUP.Installer.W3i.U, PUP.Installer.W3i.L, PUP.Installer.InstallX.S, PUP.Installer.W3i.P, PUP.InstallX.Installer (M), PUP.InstallX.W3i.Installer (M), PUP.InstallX.W3i (M), PUP.InstallX (M)

100.00%

ESET NOD32

Win32/InstallIQ (variant), Win32/InstallIQ.A potentially unwanted (variant)

59.09%

Avira AntiVirus

Adware/InstallIQ.N, APPL/InstallIQ.Gen5, APPL/InstallIQ.J, TR/Trash.Gen, Adware/InstallC.B.1

56.82%

Dr.Web

Adware.W3i.32, Adware.W3i.9, Adware.W3i.25, Trojan.Domaiq.202, Trojan.Damaged.1

54.55%

Sophos

InstallQ

52.27%

VIPRE Antivirus

InstallIQ Installer, Trojan.Win32.Generic

52.27%

Comodo Security

Application.Win32.InstallIQ.B, UnclassifiedMalware, Application.Win32.InstallIQ.NTZK

50.00%

Malwarebytes

PUP.PlayPickle, PUP.Optional.InstallIQ.A

45.45%

Trend Micro House Call

TROJ_GEN.F47V0815, TROJ_FAKEAV.BMC, TROJ_GEN.FCBCBLA, TROJ_SPNR.0CJS13, TROJ_GEN.F47V0410, TROJ_GEN.F47V0120, TROJ_GEN.F47V0117, TROJ_GEN.F47V0305

34.09%

K7 AntiVirus

Riskware, Unwanted-Program

31.82%

MicroWorld eScan

Adware.InstallIQ.B, APPL/InstallIQ.Gen5

31.82%

Rising Antivirus

PE:PUF.InstallIQ!1.9E4F, PE:Trojan.Win32.Generic.1585D070!361091184, PE:Trojan.Win32.Generic.14A41BA7!346299303

25.00%

Fortinet FortiGate

Adware/Fam.NB, Adware/InstallIQ, W32/Itibiti.KNC!tr, W32/SPNR.0BA913!tr, Riskware/InstallIQ

25.00%

McAfee

Artemis!A34F9AC02DB1, Artemis!D8FA10DDD56E, Artemis!2AA9231B01A2, Artemis!132905E8A5FF, Artemis!7D5B48C0E03E, Artemis!497123CD3CDC

22.73%

AVG

Skodna.Generic_r, AdInstaller.InstallQ, InstallIQ

22.73%

The domain dl8.iq8download.com has been seen to resolve to the following 4 IP addresses.

54.210.47.225

ec2-54-210-47-225.compute-1.amazonaws.com

February 20, 2016

146.148.34.125

125.34.148.146.bc.googleusercontent.com

February 20, 2016

8.5.1.32

May 3, 2015

72.21.81.128

July 22, 2013

File downloads found at URLs served by dl8.iq8download.com.

1 / 68 (Adware)

http://dl8.iq8download.com/lm/.../games.exe (4cc41270a9170b18f58a64f54ba16890)

1 / 68 (Adware)

http://dl8.iq8download.com/lm/.../cabin.exe (4a380a856c02ae6071a9b398b7e38231)

18 / 68 (Adware)

http://dl8.iq8download.com/dynamic/standard/.../nuancepdf_d165400.exe (7d5b48c0e03e408e6c631dc70c8f682c)

26 / 68 (Adware)

http://dl8.iq8download.com/lm/.../finalmediaplayer_732.exe (b732626e81b3ca8306dfef7e1efb419e)

12 / 68 (Adware)

http://dl8.iq8download.com/dynamic/standard/.../7zip_installer_d793193.exe (7zip_installer_d793026.exe)

14 / 68 (Adware)

http://dl8.iq8download.com/dynamic/standard/.../vioplayer2_d3976559.exe (vioplayer2_d3993153.exe)

16 / 68 (Adware)

http://dl8.iq8download.com/dynamic/standard/.../mediaplayer_d2686196.exe (mediaplayer.exe)

9 / 68 (Adware)

http://dl8.iq8download.com/dynamic/standard/.../mplayer_tuguu_d1021510.exe (mplayer_tuguu_d1021475.exe)

20 / 68 (Adware)

http://dl8.iq8download.com/dynamic/standard/.../mediaplayerlite_d166371.exe (mediaplayerlite_d793571.exe)

10 / 68 (Adware)

http://dl8.iq8download.com/lm/.../musicoasis.exe (77a314b4a39531c678c8a76e8da36c0f)

1 / 68 (Adware)

http://dl8.iq8download.com/dynamic/standard/.../topfreegames_d3145270.exe (32b76ab43687af1a116747776763d174)

1 / 68 (Adware)

http://dl8.iq8download.com/lm/.../livingsnowglobeswp1.exe (28fbb57a61820b87f01a609cb2ef6d26)

1 / 68 (Adware)

http://dl8.iq8download.com/dynamic/standard/.../waterfalls2_d150804.exe (c2ebfd97a5944502370f292bcddf7420)

1 / 68 (Adware)

http://dl8.iq8download.com/dynamic/standard/.../sharks_d150813.exe (adb2a504a9200bd300a1adec7d2040aa)

1 / 68 (Adware)

http://dl8.iq8download.com/lm/.../musicpig.exe (6ec124ad8461ac5db7704874ab450f9a)

1 / 68 (Adware)

http://dl8.iq8download.com/dynamic/standard/.../coolreader_freely_d163113.exe (405b554f5a975de02e213a1767212666)

1 / 68 (Adware)

http://dl8.iq8download.com/lm/.../littleppt.exe (7663f56e2aea1f0a87f087325d05c760)

28 / 68 (Adware)

http://dl8.iq8download.com/dynamic/standard/.../applianflv_d793126.exe (applianflv.exe)

1 / 68 (Adware)

http://dl8.iq8download.com/dynamic/standard/.../playpickle_d249712.exe (fda604b7eaf7b81fbd52096e5f7a3a0e)

8 / 68 (Adware)

http://dl8.iq8download.com/dynamic/standard/.../freeopener_d2197379.exe (freeopener_d2197848.exe)

11 / 68 (Adware)

http://dl8.iq8download.com/dynamic/standard/.../vioplayer2_d3795647.exe (vioplayer2_d5628700.exe)

11 / 68 (Adware)

http://dl8.iq8download.com/dynamic/standard/.../vioplayer2_d3993113.exe (vioplayer2_d5628700.exe)

4 / 68 (Adware)

http://dl8.iq8download.com/dynamic/standard/.../expertpdf7_d146487.exe (820a6b6f43b7aed95d47b7d633c24fd4)

12 / 68 (Adware)

http://dl8.iq8download.com/dynamic/standard/.../mediaplayer_d2853199.exe (mediaplayer_d3147260.exe)

9 / 68 (Adware)

http://dl8.iq8download.com/dynamic/standard/.../mplayer_tuguu_d1021461.exe (mplayer_tuguu_d1021475.exe)

16 / 68 (Adware)

http://dl8.iq8download.com/dynamic/standard/.../7zip_bimo_d154539.exe (497123cd3cdc1b56689512b9d21c37be)

1 / 68 (Adware)

http://dl8.iq8download.com/dynamic/standard/.../gamenutt2_d1534242.exe (1bc5b469072c8bdd6398b3481bd216d1)

16 / 68 (Adware)

http://dl8.iq8download.com/dynamic/standard/.../mediaplayer_d2341998.exe (mediaplayer.exe)

6 / 68 (Adware)

http://dl8.iq8download.com/dynamic/standard/.../topfreegames_d3477237.exe (topfreegames_d3145270.exe)

23 / 68 (Adware)

http://dl8.iq8download.com/dynamic/standard/.../vioplayer2_d3795643.exe (vioplayer2_d3795753.exe)

Latest 30 of 435 download URLs

The following 6 files have been seen to comunicate with dl8.iq8download.com in live environments.

TCP » 54.210.47.225:80

online-guardian-v2.0.9.exe

TCP » 146.148.34.125:80

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 54.210.47.225:80

GoogleUpdate.exe (Google Update Services by Google lnc)

TCP » 146.148.34.125:80

online-guardian-v2.0.9.exe

TCP » 146.148.34.125:25

remwepqixynn.exe

TCP » 54.210.47.225:80

rtplugin.crx

TCP » 8.5.1.32:80

chrome.crx

URL:

http://dl8.iq8download.com/

Google Analytics:

UA-48689684

Title:

“iq8download.com”

Network:

Amazon Web Services (AWS), running an EC2 instance

Web server:

nginx

Related Domains

1freesoftwareonline.com

30 of 631 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.