» download.installbrain.com
Overview
Analysis
IPs Addresses (2)
Downloads (19)
Network (2)
Related Domains (8)

download.installbrain.com

Softango Technology LLC (via a Proxy Registrant)

Domain Information

The domain download.installbrain.com is registered by proxy through Moniker Online Services and was originally registered in August of 2011. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Washington, Virginia within the United States which resides on the SoftLayer Technologies Inc. network. The domain is associated with the publisher Softango Technology LLC who is located in Beaverton, Oregon in the United States.

Registrant:

Moniker Privacy Services on behalf of Softango Technology LLC

Registrar:

Moniker Online Services

Server location:

Virginia, United States (US)

Create date:

Sunday, August 28, 2011

Expires date:

Sunday, August 28, 2016

Updated date:

Thursday, December 17, 2015

ASN:

AS36351 SOFTLAYER - SoftLayer Technologies Inc.,US

Root domain:

installbrain.com

Whois:

2 installbrain.com records

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Installer.Performersoft.T, PUP.Performersoft.InstallBrain.Installer (M), Threat.Win.Reputation.IMP, PUP.Performersoft.InstallB.Installer (M), PUP.Performersoft (M)

100.00%

ESET NOD32

Win32/InstallBrain (variant)

5.26%

Emsisoft Anti-Malware

Trojan.Win32.InstallBrain.AMN!A2

5.26%

Dr.Web

Adware.Downware.271

5.26%

VIPRE Antivirus

Trojan.Win32.Generic!SB.0

5.26%

The domain download.installbrain.com has been seen to resolve to the following 2 IP addresses.

50.97.57.37

50.97.57.37-static.reverse.softlayer.com

January 4, 2016

50.23.135.221

50.23.135.221-static.reverse.softlayer.com

January 4, 2016

File downloads found at URLs served by download.installbrain.com.

1 / 68 (PUP)

http://download.installbrain.com/.../gk6vv?exename=Tube2FileSetup&cid=275&clickid=0000010610846644799&clickid=0000010610846644799 (tube2filesetup.exe)

1 / 68 (PUP)

http://download.installbrain.com/.../gkxcv?exename=ZoolaGamesSetup&clickid=0005996660778639898 (zoolagamessetup.exe)

1 / 68 (PUP)

http://download.installbrain.com/.../gkxcv?exename=ZoolaGamesSetup&cid=224&clickid=0010052410861848253 (zoolagamessetup.exe)

1 / 68 (PUP)

http://download.installbrain.com/.../gkxv0?exename=TVNoopSetup&clickid=0008932820861049765&clickid=0008932820861049765 (tvnoopsetup.exe)

1 / 68 (PUP)

http://download.installbrain.com/.../gkc6b?exename=FreeVideoPerformer&cid=161 (freevideoperformer.exe)

1 / 68 (PUP)

http://download.installbrain.com/.../gk6vv?exename=Tube2FileSetup&cid=275&clickid=0006088020865942884&clickid=0006088020865942884 (tube2filesetup.exe)

1 / 68 (PUP)

http://download.installbrain.com/.../gk6vv?exename=Tube2FileSetup&cid=275&clickid=0009598990854484175&clickid=0009598990854484175 (tube2filesetup.exe)

1 / 68 (PUP)

http://download.installbrain.com/.../gkxcm?exename=Wall2GoSetup&clickid=0000003060793178351 (wall2gosetup.exe)

1 / 68 (PUP)

http://download.installbrain.com/.../gkxv0?exename=TVNoopSetup&clickid=0000003060839381599 (tvnoopsetup.exe)

1 / 68 (PUP)

http://download.installbrain.com/.../gkc6b?exename=FreeVideoPerformer&cid=161 (freevideoperformer.exe)

1 / 68 (PUP)

http://download.installbrain.com/.../gk6vv?exename=Tube2FileSetup&cid=275&clickid=0007294730837239807&clickid=0007294730837239807 (tube2filesetup.exe)

1 / 68 (PUP)

http://download.installbrain.com/.../gkc31?exename=PCPerformerSetup&clickid=0006088020788635799 (pcperformersetup.exe)

1 / 68 (PUP)

http://download.installbrain.com/.../gkxv0?exename=TVNoopSetup&clickid=0009656140812544340 (tvnoopsetup.exe)

1 / 68 (PUP)

http://download.installbrain.com/.../gkxv0?exename=TVNoopSetup&clickid=0000003060801905319 (tvnoopsetup.exe)

1 / 68 (PUP)

http://download.installbrain.com/.../gkxv0?exename=TVNoopSetup&clickid=0009656140801518627 (tvnoopsetup.exe)

1 / 68 (PUP)

http://download.installbrain.com/.../gkxcm?exename=Wall2GoSetup&cid=233&clickid=0009656140876644080&clickid=0009656140876644080 (wall2gosetup.exe)

1 / 68 (Malware)

http://download.installbrain.com/.../gk63r?cid=297&exename=VideoPerformer&clickid=0000010610888197882&clickid=0000010610888197882 (videoperformer.exe)

1 / 68 (PUP)

http://download.installbrain.com/.../gkxcv?exename=ZoolaGamesSetup&clickid=0007417410808783019 (zoolagamessetup.exe)

5 / 68 (PUP)

http://download.installbrain.com/.../gkc69?exename=AudioPerformerSetup (audioperformersetup.exe)

The following 2 files have been seen to comunicate with download.installbrain.com in live environments.

TCP » 50.97.57.37:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.23.135.221:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.57.37:80

UCBrowser.exe (UC Browser by UCWeb)

Related Domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.