download.doubletwist.com

doubleTwist Corporation

Domain Information

The domain download.doubletwist.com registered by doubleTwist Corporation was initially registered in September of 2004 through Moniker Online Services. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dublin, Dublin City within Ireland which resides on the RIPE Network Coordination Centre network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Remove Malware from download.doubletwist.com - Powered by Reason Core Security
Registrar:
Moniker Online Services

Server location:
Dublin City, Ireland (IE)

Create date:
Thursday, September 30, 2004

Expires date:
Monday, September 30, 2019

Updated date:
Monday, August 04, 2014

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.

Root domain:

Scanner detections:
Detections  (95% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.doubleTwistCorporation.Q, PUP.Installer.doubleTwistCorporation.U, PUP.Installer.doubleTwistCorporation.T, PUP.doubleTwistCorporation.Installer (M), PUP.Installer.doubleTwistCorporation.Y, PUP.Installer.doubleTwistCorporation.X
94.74%

ESET NOD32
Win32/OpenCandy, Win32/OpenCandy.C potentially unsafe (variant)
52.63%

Malwarebytes
PUP.Optional.OpenCandy
52.63%

Kaspersky
not-a-virus:AdWare.Win32.OpenCandy, Trojan.Win32.Crypt
31.58%

Vba32 AntiVirus
AdWare.OpenCandy
31.58%

Rising Antivirus
PE:PUF.OpenCandy!1.9DE5
31.58%

K7 AntiVirus
Unwanted-Program , Trojan
26.32%

Fortinet FortiGate
Adware/OpenCandy, W32/Adware_fam.NB, Riskware/OpenCandy
26.32%

K7 Gateway Antivirus
Unwanted-Program , Trojan
21.05%

Trend Micro House Call
TROJ_GEN.F47V1105, TROJ_GEN.F47V0215, ADW_OPENCANDY, Suspicious_GEN.F47V0204
21.05%

Quick Heal
Adware.OpenCandy.c (Not a Virus), AdWare.OpenCandy.g5 (Not a Virus)
10.53%

Agnitum Outpost
PUA.OpenCandy
10.53%

IKARUS anti.virus
not-a-virus:AdWare.Win32, Trojan.Win32.Crypt
10.53%

XVirus List
Win32.Detected
10.53%

Jiangmin
Win32/Virut.bn, AdWare/OpenCandy.c
10.53%

The domain download.doubletwist.com has been seen to resolve to the following 18 IP addresses.

January 5, 2016

s3-1-w.amazonaws.com
January 5, 2016

s3-1-w.amazonaws.com
January 4, 2016

s3-1-w.amazonaws.com
January 4, 2016

s3-1-w.amazonaws.com
January 4, 2016

s3-1-w.amazonaws.com
January 3, 2016

s3-1-w.amazonaws.com
July 16, 2015

s3-1-w.amazonaws.com
May 5, 2015

s3-1-w.amazonaws.com
May 5, 2015

s3-1-w.amazonaws.com
May 4, 2015

May 3, 2015

s3-1-w.amazonaws.com
September 2, 2014

s3-1-w.amazonaws.com
July 10, 2014

s3-1-w.amazonaws.com
May 21, 2014

s3-1-w.amazonaws.com
April 29, 2014

s3-1-w.amazonaws.com
April 25, 2014

s3-1-w.amazonaws.com
March 14, 2014

s3-1-w.amazonaws.com
August 4, 2013

File downloads found at URLs served by download.doubletwist.com.

0 / 68
http://download.doubletwist.com/.../vcredist_x86.exe  (5689d43c3b201dd3810fa3bba4a6476a)

1 / 68      (PUP)
http://download.doubletwist.com/.../Application.exe  (ba7e1cc293ce38a10593c1104b8fac5f)

5 / 68      (PUP)
http://download.doubletwist.com/.../Database.exe  (4c0ad27d96c5869aaebd6329ae52a1a5)

2 / 68      (PUP)
http://download.doubletwist.com/.../ThirdParty.exe  (5eff5873b04c08b9624e27f4cfc8b2a7)

1 / 68      (PUP)
http://download.doubletwist.com/.../ffdshow.exe  (8060926a26bd553ee4c4b992c039eaba)

1 / 68      (PUP)
http://download.doubletwist.com/doubleTwistSetup.exe  (2bdd1bfbf6c3e7a27a64b48c92dd9c46)

1 / 68      (PUP)
http://download.doubletwist.com/doubleTwistSetup.exe  (86fbaaff290b8df72706d799ef6a0839)

1 / 68      (PUP)

7 / 68      (PUP)

1 / 68      (PUP)
http://download.doubletwist.com/doubleTwistSetup.exe  (doubletwistsetup_3.0.0.6339.exe)

17 / 68    (PUP)
http://download.doubletwist.com/doubleTwistSetup.exe  (b00e55596c022249488ffabf5911eece)

5 / 68      (PUP)

3 / 68      (PUP)

1 / 68      (PUP)

7 / 68      (PUP)

7 / 68      (PUP)
http://download.doubletwist.com/doubleTwistSetup.exe  (fc44368d41e37efc3ae810f35009de38)

8 / 68      (PUP)

10 / 68    (PUP)
http://download.doubletwist.com/doubleTwistSetup.exe  (f784409249c116ba5eab9bfe8101e393)

10 / 68    (PUP)

10 / 68    (PUP)

8 / 68      (PUP)
http://download.doubletwist.com/doubleTwistSetup.exe  (c2e648c951463e67496c24de0995fac6)

The following 29 files have been seen to comunicate with download.doubletwist.com in live environments.

 
Latest 20 of 55 files

URL:
http://download.doubletwist.com/

Network:
Amazon Web Services (AWS)

Web server:
AmazonS3

Remove Malware from download.doubletwist.com - Powered by Reason Core Security