home

dlp.latestvideoplayer.com

YourJungle Privacy Protection Service

Domain Information

The domain dlp.latestvideoplayer.com registered by YourJungle Privacy Protection Service was initially registered in August of 2014 through SOLUCIONES CORPORATIVAS IP,SLU. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Belfast, Northern Ireland within United Kingdom which resides on the RIPE Network Coordination Centre network.
Registrar:
NAMEPAL.COM #8008

Server location:
Northern Ireland, United Kingdom (GB)

Create date:
Saturday, August 16, 2014

Expires date:
Sunday, August 16, 2015

Updated date:
Saturday, September 6, 2014

Root domain:
latestvideoplayer.com

Whois:
4 latestvideoplayer.com records

Scanner detections:
Detections  (73% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Mindadmedia.F, PUP.Installer.TuguuSL.M, PUP.Win.Reputation, PUP.Installer.TuguuSL.F, PUP.Installer.Solimba, PUP.Tuguu.Bundler (M), PUP.Tuguu.LunacomI.Bundler (M), PUP.Tuguu (M)
94.44%

Malwarebytes
PUP.Optional.OutBrowse, PUP.Optional.BundleInstaller.A, PUP.Optional.DomaIQ, PUP.Optional.Firseria
33.33%

K7 AntiVirus
Unwanted-Program
33.33%

Dr.Web
Adware.Downware.1676, Trojan.Packed.24553, Trojan.DownLoader10.51863
33.33%

VIPRE Antivirus
OutBrowse, DomaIQ, Threat.4150696
33.33%

Sophos
DomainIQ pay-per install, PUA 'DomainIQ pay-per install', PUA 'Solimba Installer'
33.33%

AVG
Skodna.Downloader, DomaIQ, AdLoad.B, Adware DomaIQ.BM, Adware BundleApp.W
33.33%

Agnitum Outpost
PUA.OutBrowse, PUA.DomaIQ, PUA.Downloader
33.33%

NANO AntiVirus
Riskware.Win32.DomaIQ.cvvfjy, Trojan.Win32.DomaIQ.csqtgn, Trojan.Win32.Downloader.cninza, Trojan.Win32.Downloader.czjhac
27.78%

Comodo Security
Application.Win32.DomaIQ.P, Application.Win32.DomaIQ.R, Application.Win32.DomaIQ.KR, Application.Win32.Solimba.L
27.78%

Avira AntiVirus
APPL/DomaIQ.Gen7, APPL/Firseria.Gen
27.78%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h, AdWare.MSIL.DomaIQ, OScope.Downware.DomaIQ, Downware.Morstar
27.78%

Panda Antivirus
PUP/MultiToolbar.A, Adware/Firseria
27.78%

ESET NOD32
Win32/OutBrowse (variant), MSIL/DomaIQ (variant)
22.22%

McAfee
Artemis!05EF58C8781E, Artemis!EE65979880B9, Adware-DomaIQ
22.22%

The domain dlp.latestvideoplayer.com has been seen to resolve to the following 5 IP addresses.

92.242.140.21
unallocated.barefruit.co.uk
May 3, 2015

173.236.50.195
boclub.bellnames.com
August 17, 2014

37.152.88.37
hostingsrv12.dondominio.com
May 30, 2014

5.135.66.80
February 6, 2014

176.31.87.144
February 6, 2014

File downloads found at URLs served by dlp.latestvideoplayer.com.

1 / 68      (Adware)
http://dlp.latestvideoplayer.com/p/151/Player_Setup/485/.../4jD9EPXM  (player_setup.exe)

1 / 68      (Adware)
http://dlp.latestvideoplayer.com/p/151/Setup/485/.../PCGzGVz2  (setup.exe)

1 / 68      (Adware)
http://dlp.latestvideoplayer.com/p/151/Setup/485/.../hU2xfSqG  (setup.exe)

1 / 68      (Adware)
http://dlp.latestvideoplayer.com/p/151/Player_Setup/485/.../IJTg0aMw  (player_setup.exe)

1 / 68      (Adware)
http://dlp.latestvideoplayer.com/p/151/Player_Setup/485/.../FKkV3VlI  (player_setup.exe)

1 / 68      (Adware)
http://dlp.latestvideoplayer.com/p/151/Player_Setup/485/.../fXONxhSy  (player_setup.exe)

1 / 68      (Adware)
http://dlp.latestvideoplayer.com/p/151/Player_Setup/485/.../BkViCVIT  (player_setup.exe)

1 / 68      (Adware)
http://dlp.latestvideoplayer.com/p/151/Setup/485/.../ZJIahaGd  (setup.exe)

1 / 68      (Adware)
http://dlp.latestvideoplayer.com/p/151/Player_Setup/485/.../xaxnybsK  (player_setup.exe)

29 / 68    (Adware)
http://dlp.latestvideoplayer.com/p/151/Setup/485/.../6FQU29Sp  (setup.exe)

0 / 68
http://dlp.latestvideoplayer.com/p/151/Setup/485/.../mla6vW36  (norton security scan setup.exe)

0 / 68
http://dlp.latestvideoplayer.com/p/151/Setup/485/.../1l8qsqVc  (setup.exe)

35 / 68    (Adware)
http://dlp.latestvideoplayer.com/p/151/Setup/485/.../oRdLPLK1  (setup.exe)

1 / 68      (Adware)
http://dlp.latestvideoplayer.com/p/151/Setup/485/.../Z4QRlddX  (setup.exe)

1 / 68      (false positive)
http://dlp.latestvideoplayer.com/p/151/Setup/485/.../H5ZK4Xyp  (shsetup.exe)

2 / 68      (false positives)
http://dlp.latestvideoplayer.com/p/151/Setup/485/.../H5ZK4Xyp  (wrar420.exe)

0 / 68
http://dlp.latestvideoplayer.com/p/151/Setup/485/.../2CLOuy3r  (setup.exe)

29 / 68    (Adware)
http://dlp.latestvideoplayer.com/p/151/Player_Setup/485/.../1PB4bMrz  (player_setup.exe)

24 / 68    (Adware)
http://dlp.latestvideoplayer.com/p/151/Player_Setup/485/.../oUoyFmEg  (player_setup.exe)

18 / 68    (Adware)
http://dlp.latestvideoplayer.com/p/151/Player_Setup/485/.../4wgH2psN  (player_setup.exe)

0 / 68
http://dlp.latestvideoplayer.com/p/151/Setup/485/.../P0zr0P4s  (setup.exe)

12 / 68    (Adware)
http://dlp.latestvideoplayer.com/p/151/Setup/485/.../2JQLf7lg  (setup.exe)

The following 230 files have been seen to comunicate with dlp.latestvideoplayer.com in live environments.

TCP » 92.242.140.21:80
smelled.exe (Smelled)

TCP » 92.242.140.21:443
dca-monitoring.exe (Compete DCA Monitoring Tool by Compete)

TCP » 92.242.140.21:80
marini.exe (Marini)

TCP » 92.242.140.21:443
client.exe (ClientWrapper)

TCP » 92.242.140.21:80
thebrowser.exe (TheBrowser by Goobzo)

TCP » 92.242.140.21:443
dca-monitoring.exe (Compete DCA Monitoring Tool by Compete)

TCP » 92.242.140.21:443
WindowService.exe (WindowService)

TCP » 92.242.140.21:443
ciuninstall.exe

TCP » 92.242.140.21:1866
jutched.exe

TCP » 92.242.140.21:443
dca-monitoring.exe (Compete DCA Monitoring Tool by Compete)

TCP » 92.242.140.21:80
masterupdater.exe

TCP » 92.242.140.21:80
pricemeterexpress.crx

TCP » 92.242.140.21:80
chrome.crx

TCP » 92.242.140.21:80
app-center.crx

TCP » 92.242.140.21:80
ntp.crx

TCP » 92.242.140.21:80
3dayinvite.crx

TCP » 92.242.140.21:80
twitter.crx

TCP » 92.242.140.21:80
viewlater.crx

TCP » 92.242.140.21:80
rss.crx

TCP » 92.242.140.21:80
datapump.crx

 
Latest 20 of 230 files

URL:
http://dlp.latestvideoplayer.com/

Web server:
nginx/1.0.15

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.