» dotnetframework.1800download.com
Overview
Analysis
IPs Addresses (2)
Downloads (3)

dotnetframework.1800download.com

Domain Information

Server location:

Oregon, United States (US)

ASN:

AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:

1800download.com

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Dr.Web

Adware.Downware.10304, Win32.Sector.30

66.67%

F-Secure

Gen:Trojan.Heur.zu3@xOqvOvni, Win32.Sality.3

66.67%

Lavasoft Ad-Aware

Gen:Trojan.Heur.zu3@xOqvOvni, Win32.Sality.3

66.67%

Emsisoft Anti-Malware

Gen:Trojan.Heur.zu3@xOqvOvni, Win32.Sality

66.67%

McAfee

Trojan.Artemis!C40FC4A0A9DA, Program.Artemis!C7BEF8B9B4FE

66.67%

Norman

Gen:Trojan.Heur.zu3@xOqvOvni, Win32.Sality.3

66.67%

MicroWorld eScan

Gen:Trojan.Heur.zu3@xOqvOvni, Win32.Sality.3

66.67%

Malwarebytes

PUP.Optional.OpenCandy

66.67%

K7 AntiVirus

Trojan , Virus

66.67%

Agnitum Outpost

Riskware.Agent, Win32.Sality.BL

66.67%

Trend Micro House Call

TROJ_GEN.R0C1H09CP15, PE_SALITY.RL

66.67%

Bitdefender

Gen:Trojan.Heur.zu3@xOqvOvni, Win32.Sality.3

66.67%

G Data

Gen:Trojan.Heur.zu3@xOqvOvni, Win32.Sality

66.67%

ESET NOD32

Win32/OpenCandy.C potentially unsafe application, Win32/Sality.NBA virus

66.67%

AVG

OpenCandy, Win32/Sality

66.67%

The domain dotnetframework.1800download.com has been seen to resolve to the following 2 IP addresses.

52.10.34.223

ec2-52-10-34-223.us-west-2.compute.amazonaws.com

June 5, 2016

54.200.233.120

ec2-54-200-233-120.us-west-2.compute.amazonaws.com

June 5, 2016

File downloads found at URLs served by dotnetframework.1800download.com.

1 / 68 (PUP)

http://dotnetframework.1800download.com/get_azure_file/wUiS4WnYccXAwj uQbjxCggnkkU3LTPkEhv4cpyK4fE9rm/7qHpzztsPK1XsK7H6NWHqnwgMZyGeEKqtG78lwrlp1s3eDQ b7WmhWFT8 3G5gefTrNjbkmdZqtY6gF9QFy/zGDUsnsIh9WjwW2OTUugFi4e9Zn5CKuUgJFsFMqr9RC4gPJCbYk1g3fyxVXlnI5f5kuc2BHvj6w7dl7xmBpivc8G8ZDJW2cuvSKFkxl9A/4Okh1n8bKN3lymuAM1Wrc2/.../6s3FiCdjbbRAT5ZDbDszxqD2QE8m0VTrx9laFjLgGFi79ojvhAUnNGCb 3gfntPUOmDvHB J1708ewm9 (net framework 4.5.1.exe)

18 / 68 (PUP)

http://dotnetframework.1800download.com/get_azure_file/.../SHoHDrNUrcfwsHrJTUFaboxKwoEcKX0XGgmIZrcLVgojqv2ESU3c8b41 cnWyH66xiajvQ1DpO5csWqZ3Zb38K2XuMlnxcHudG zQSpJ 83yz6tQMVc682pFyat7cTUzG5xOuMEGsZmK3RguuGtD1o42gS7lNdBGT7gAw3ypYjvhAUnNGCb 3gfntPUOmDvHB J1708ewm9 (net framework 4.5.1.exe)

37 / 68 (PUP)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.