The domain dlp.downloadyourplayer.com registered by Corp New Ventures Services was initially registered in November of 2014 through SOLUCIONES CORPORATIVAS IP,SLU. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Vitoria-Gasteiz, Pais Vasco within Spain which resides on the RIPE Network Coordination Centre network.
Registrant:
Corp New Ventures Services
Registrar:
! #1 HOST KOREA, INC.
Server location:
Pais Vasco, Spain (ES)
Create date:
Thursday, November 20, 2014
Expires date:
Friday, November 20, 2015
Updated date:
Friday, November 28, 2014
ASN:
AS57910 SCIP-AS Soluciones Corporativas IP, SL,ES
Scanner detections:
Detections (91% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.Installer.clipqube.F, PUP.Installer.IgnitionInstaller.F, PUP.Installer.TuguuSL.F, PUP.Installer.OUTBROWSE.F, PUP.Installer.OUTBROWSE.K, PUP.Optional.Installer.F, PUP.Installer.INSTALLTHIS.F, PUP.Installer.tuguusl.F, PUP.Installer.TuguuSL.K, PUP.Installer.SoftpulseSL.F, PUP.Installer.NanningweiwuTechnologycoltd.F, PUP.TuguuSL.O, DownloadManager.Air Software, PUP.Tuguu.TuguuU.Bundler (M), PUP.Tuguu.Bundler (M)
100.00%
Dr.Web
Adware.Downware.2086, Adware.Downware.1758, Trojan.Packed.24553, Adware.Downware.2081, Adware.Downware.2703, Trojan.Packed.26508
66.67%
Malwarebytes
PUP.Optional.Ignition.A, PUP.Optional.Domalq, PUP.Optional.OutBrowse, PUP.Optional.OptimumInstaller.A, PUP.Optional.Dropper.BL
61.90%
VIPRE Antivirus
Ignition Installer, DomaIQ, Threat.4150696, Threat.4778314, Threat.4783262, Threat.4783235, Iminent
61.90%
Sophos
Generic PUA FK, OutBrowse Revenyou, VOPackage, iBryte Optimum Installer, DomainIQ pay-per install, Generic PUA IG, Generic PUA MB
61.90%
Avira AntiVirus
APPL/DomaIQ.Gen7, APPL/Downloader.Gen, ADWARE/Adware.Gen7, APPL/Downloader.Gen8
59.52%
AVG
Skodna.Generic, AdPlugin, Trojan horse Downloader.Generic13.CLYK.dropper, Adware AdLoad.B, Adware DomaIQ, Adware BundleApp_r.D
59.52%
G Data
Win32.Application.Outbrowse, MemScan:Application.Bundler.Outbrowse, NSIS.Application.Vopackage, Win32.Adware.Ibryte, Trojan.Agent.BEFC
59.52%
K7 AntiVirus
Trojan , Unwanted-Program
57.14%
NANO AntiVirus
Trojan.Win32.Starter.cwxrcb, Trojan.Win32.Generic.cthmwf, Trojan.Win32.Agent.cxjjsz, Trojan.Win32.SMSSend.ddptxx, Riskware.Win32.DomaIQ.dcnhjo
57.14%
avast!
Win32:PUP-gen [PUP], Rootkit-gen [Rtk], Win32:IBryte-CY [PUP], Win32:Installer-U [PUP], DomaIQ-AP [PUP], Installer-AE [PUP]
57.14%
ESET NOD32
Win32/OutBrowse.P potentially unwanted application, Win32/OutBrowse.D potentially unwanted application, Win32/VOPackage.E potentially unwanted application
57.14%
Agnitum Outpost
PUA.DomaIQ, PUA.OutBrowse, PUA.Agent, Adware.Agent, Riskware.Agent, PUA.AirAd
54.76%
Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h, AdWare.iBryte, AdWare.Lollipop, AdWare.MSIL.DomaIQ, OScope.Downware.DomaIQ, Downloader.Agent
54.76%
MicroWorld eScan
MemScan:Application.Bundler.Outbrowse.E, Application.Bundler.Agent.B, Trojan.Agent.BEFC, Application.Bundler.DomaIQ.Q, Adware.DomaIQ.T
54.76%
The domain dlp.downloadyourplayer.com has been seen to resolve to the following 15 IP addresses.
www.renewyourexpireddomain.com
September 4, 2014
ec2-54-187-38-138.us-west-2.compute.amazonaws.com
April 14, 2014
File downloads found at URLs served by dlp.downloadyourplayer.com.
Latest 30 of 66 download URLs
The following 2 files have been seen to comunicate with dlp.downloadyourplayer.com in live environments.
URL:
http://dlp.downloadyourplayer.com/
Title:
“downloadyourplayer.com”