The domain download.mipony.net is registered by proxy through GODADDY.COM, LLC and was originally registered in October of 2009. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dusseldorf, Nordrhein-Westfalen within Germany which resides on the RIPE Network Coordination Centre network.
Registrant:
Domains By Proxy, LLC
Registrar:
GODADDY.COM, LLC
Server location:
Nordrhein-Westfalen, Germany (DE)
Create date:
Saturday, October 10, 2009
Expires date:
Monday, October 10, 2016
Updated date:
Tuesday, October 6, 2015
ASN:
AS24961 MYLOC-AS myLoc managed IT AG
Scanner detections:
Detections (55% detected)
Scan engine
Details
Detections
ESET NOD32
Win32/InstallCore.CF (variant), Win32/InstallCore.BY (variant), Win32/InstallCore.IJ (variant), Win32/InstallCore.JE.gen (variant), Win32/InstallCore.PZ (variant), Win32/InstallCore.OZ (variant), Win32/InstallCore.WX potentially unwanted (variant)
66.67%
Dr.Web
Trojan.Packed.24524, Adware.InstallCore.124, Adware.Downware.908, Trojan.DownLoader9.402, Trojan.Packed.24141, Trojan.MulDrop5.10078, Trojan.Packed.25266, Trojan.Siggen6.33552
63.64%
Reason Heuristics
PUP.ISfreemium.Q, PUP.ExtendedSetup.Q, PUP.WorldSetup.CC, PUP.WorldSetup.Q, PUP.Optional.MaxSetup.Q, PUP.MaxSetup.Q, PUP.STMSetup.Q, PUP.InstallCore.11 (M)
45.45%
Fortinet FortiGate
Riskware/InstallCoreDL, Riskware/InstallCore_JE, W32/Kryptik.BVVE!tr, W32/Toolbar.BABYLON, W32/Toggle, Riskware/Babylon
39.39%
Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h, TrojanDownloader.Genome, Downware.InstallCore, Trojan.Vilsel
36.36%
VIPRE Antivirus
InstallCore, Trojan.Win32.Generic, Babylon, Conduit
33.33%
Trend Micro House Call
TROJ_GEN.F47V1121, TROJ_SPNR.0CFD13, TROJ_GEN.F47V0801, TROJ_GEN.F47V0214, TROJ_GEN.F47V0224, TROJ_GEN.F47V0317, TROJ_GEN.F47V0417, Suspicious_GEN.F47V0625, Suspicious_GEN.F47V0122
30.30%
Baidu Antivirus
Adware.Win32.InstallCore, Adware.Win32.Bbylon, Adware.Win32.BrowseFox
30.30%
Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594, NS:Malware.Install!1.9F62, PE:Malware.InstallCore!6.4, PE:Trojan.Win32.Generic.16F55F76!385179510
27.27%
Avira AntiVirus
APPL/InstallCore.AT.13, APPL/InstallCore.Y.56, ADWARE/InstallCore.Gen7
21.21%
K7 AntiVirus
Trojan , Unwanted-Program
21.21%
McAfee
Artemis!1571F79C4CF6, Artemis!7F471A167033, Artemis!D5463C1170FA, Artemis!D2516C85D562, Artemis!3B0F525C9E47, Artemis!4279176CAFE4
21.21%
Sophos
Install Core Click run software, Mal/Generic-S
18.18%
Bkav FE
W32.Clod34b.Trojan, W32.Clod6d7.Trojan, W32.Clod456.Trojan, W32.Clodb3c.Trojan, W32.Clod68a.Trojan
15.15%
Comodo Security
UnclassifiedMalware, ApplicUnwnt, Application.Win32.Installcore.B, Application.Win32.InstallCore.DR
15.15%
The domain download.mipony.net has been seen to resolve to the following 2 IP addresses.
166.ip-164-132-99.eu
March 3, 2016
o031.orange.fastwebserver.de
December 28, 2013
File downloads found at URLs served by download.mipony.net.
The following 12 files have been seen to comunicate with download.mipony.net in live environments.
URL:
http://download.mipony.net/
Web server:
nginx/1.6.2 (Ubuntu)
Statistics are for the previous month.
Related Domains