download-file.downloadzone.org

Quick Downloader

Domain Information

The website operated by Adlogica distributes adware bundles of wrapped open-source and legitimate commercial software with various adware toolbars and other potentially unwanted software. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network. The domain is associated with the publisher Quick Downloader who is located in San Francisco, California in the United States.
Registrar:
GoDaddy.com, LLC

Server location:
Arizona, United States (US)

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC,US

Root domain:

Scanner detections:
Detections  (96% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.installCore.SpeedyDownloads.Installer (M), PUP.installCore.DownloadNozzle.Installer (M), PUP.Adlogica.QuickDownloader.Bundler (M), PUP.Outbrowse.Bondonjov.Bundler (M), PUP.installCore.DownloadSafely.Installer (M), PUP.installCore.DownloadGuru.Installer (M), PUP.installCore.DownloadSphere (M), PUP.Outbrowse.SafeClickLol.Bundler (M), PUP.Outbrowse.greatappstLd.Bundler (M), PUP.installCore.DownloadSphere.Installer (M), PUP.installCore.DownloadExpert.Installer (M), PUP.Outbrowse.Outborwse.Installer (M), PUP.Adlogica.Downloadinfo.Bundler (M), PUP.InstallCore.TrustedDownloads.Installer (M), PUP.Vittalia.InstallHelper (M), PUP.installCore.DownloadSafely (M), PUP.installCore.InstallMaven.Installer (M), PUP.Air Software.DownloadAssistant.Bundler (M), PUP.installCore.DownloadJet.Installer (M), PUP.Adlogica.FastDownloads.Bundler (M)
100.00%

ESET NOD32
Win32/InstallCore.YV potentially unwanted application, Win32/InstallCore.WQ potentially unwanted application, Win32/InstallCore.TC potentially unwanted application
37.50%

Dr.Web
Trojan.InstallCore.660, Trojan.InstallCore.217, Trojan.InstallCore.61, Trojan.InstallCore.53, Trojan.Vittalia.30, Trojan.InstallCore.640
37.50%

VIPRE Antivirus
Threat.4150696, Threat.4786018, Threat.4782985
31.25%

AVG
Adware InstallCore, Generic
31.25%

K7 Gateway Antivirus
Adware , Trojan , Unwanted-Program
31.25%

K7 AntiVirus
Adware , Trojan , Unwanted-Program
31.25%

F-Secure
Adware.Linkury.M, Gen:Variant.Kazy.311539, Riskware.Gen:Variant.Application.Bundler
27.08%

Avira AntiVirus
Adware/InstallCo.zlz, TR/Dropper.Gen, Adware/InstallCo.nij, PUA/InstallCore.IF
27.08%

Bkav FE
W32.HfsAdware
27.08%

avast!
Malware-gen, Win32:Adware-CKN [PUP], Win32:Adware-CKE [PUP]
20.83%

NANO AntiVirus
Riskware.Win32.InstallCore.drfvwt, Riskware.Win32.InstallCore.dfgovy, Trojan.Win32.DownLoader12.dncixg, Trojan.Win32.Vittalia.dljetu
20.83%

Norman
Kryptik.CDMO, Gen:Variant.Application.Bundler.AirInstaller.5, Gen:Variant.Application.Bundler.32
18.75%

Comodo Security
Application.Win32.InstallCore.KG, Application.Win32.InstallCore.DE, Application.Win32.DownloadAssistant.S, Application.Win32.InstallCore.DQR
16.67%

McAfee
Trojan.Artemis!EC40F5C01761, Trojan.Artemis!75C5EAA4C9BB, Trojan.Artemis!C556B1220966
14.58%

The domain download-file.downloadzone.org has been seen to resolve to the following 13 IP addresses.

December 1, 2015

ip-184-168-221-61.ip.secureserver.net
October 26, 2015

August 16, 2015

August 16, 2015

July 7, 2015

July 7, 2015

May 2, 2015

May 2, 2015

May 2, 2015

May 2, 2015

May 2, 2015

May 1, 2014

May 1, 2014

File downloads found at URLs served by download-file.downloadzone.org.

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

27 / 68    (Adware)

17 / 68    (Adware)

3 / 68      (Adware)

1 / 68      (Adware)

11 / 68    (Adware)

0 / 68

17 / 68    (Adware)

11 / 68    (Adware)

1 / 68      (Adware)

15 / 68    (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

The following file have been seen to comunicate with download-file.downloadzone.org in live environments.

URL:
http://download-file.downloadzone.org/

Title:
“downloadzone.org”

Web server:
Apache