download.thankdownload.com

Amonetize ltd.  (via a Proxy Registrant)

Domain Information

The domain download.thankdownload.com is registered by proxy through IP MIRROR PTE LTD. DBA IP MIRROR and was originally registered in January of 2014. This domain has been known to host and distribute potentially unwanted software. The hosting servers are located in Phoenix, Arizona, in the United States, on the CloudFlare, Inc. network. The domain uses the CloudFlare CDN, a distributed domain name server service that uses a number of reverse proxy IP addresses (see below). The domain is associated with the publisher Amonetize ltd., which is located in Raanana, Israel.
Remove Malware from download.thankdownload.com - Powered by Reason Core Security
Registrar:
IP MIRROR PTE LTD. DBA IP MIRROR

Server location:
Arizona, United States (US)

Create date:
Saturday, January 18, 2014

Expires date:
Wednesday, January 18, 2017

Updated date:
Tuesday, January 19, 2016

ASN:
AS13335 CLOUDFLARENET - CloudFlare, Inc.,US

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.ShetefSolutionsConsulting1998.r, PUP.Installer.Amonetizeltd.?, PUP.Installer.Amonetizeltd.V, PUP.Installer.ShetefSolutionsConsulting1998., PUP.Installer.ShetefSolutionsConsulting1998.q, Threat.Win.Reputation.IMP
96.30%

Malwarebytes
PUP.Optional.InstallMonetizer, PUP.Optional.Amonetize, PUP.Optional.Amonetize.A, PUP.Optional.Downloader
92.59%

ESET NOD32
Win32/Amonetize.AA (variant), Win32/Amonetize.AD (variant), Win32/Amonetize.AG (variant), Win32/Amonetize.AI (variant), Win32/Amonetize.AE (variant)
92.59%

McAfee
Artemis!6EE57BBE3A49, Adware-Amonetize!75E6A6BEB316, Adware-Amonetize!D10282E7955B, Adware-Amonetize!A344D0D1EA02, Artemis!CB11E5706DBD, Artemis!23BF262A5325, Artemis!B0A532E757C6, Artemis!C5F11D9CC1CD, Artemis!3A889694EB1D, Artemis!89D5C8027460, Adware-Amonetize!B93D7367FC0C, Adware-Amonetize!6FEADF0D8A84, Artemis!0EAAA6E39EAF, PUP-FBM!19B373E7B425, Artemis!2BCF95E1A80B, Artemis!9CA471CE303E, Artemis!ECC82B569F00, Artemis!B7855FEEC668, Artemis!48C9ACA6A795, Artemis!91963B7861C3
85.19%

McAfee Web Gateway
Artemis!6EE57BBE3A49, Adware-Amonetize!75E6A6BEB316, Adware-Amonetize!D10282E7955B, Adware-Amonetize!A344D0D1EA02, Artemis!CB11E5706DBD
85.19%

Dr.Web
Adware.Downware.1575, Adware.Downware.1833, Adware.Downware.2083, Adware.Downware.1655, Adware.Downware.2467, Adware.Downware.3547
77.78%

AhnLab V3 Security
PUP/Win32.Amonetiz, PUP/Win32.Amonetize
77.78%

Avira AntiVirus
ADWARE/Adware.Gen2, APPL/Bundler.Amonetize.N.102, ADWARE/Adware.Gen4
74.07%

Trend Micro House Call
TROJ_GEN.F47V0128, TROJ_GEN.F47V0130, TROJ_GEN.F47V0202, TROJ_GEN.F47V0219, TROJ_GEN.F47V0226, TROJ_GEN.F47V0227, TROJ_GEN.F47V0224
70.37%

avast!
Win32:Amonetize-E [PUP], Win32:Amonetize-F [PUP], Win32:Amonetize-M [PUP], Win32:Amonetize-N [PUP], Win32:PUP-gen [PUP]
59.26%

Sophos
Amonetize, Generic PUA MC, Generic PUA OB, Generic PUA PL
55.56%

Fortinet FortiGate
Riskware/Amonetize, Adware/Amonetize
55.56%

VIPRE Antivirus
Amonetize, Trojan.Win32.Generic, Threat.4785227
51.85%

G Data
Win32.Application.Amonetize, Application.Bundler.Amonetize, Gen:Variant.Adware.Graftor.161610, Gen:Variant.Application.Jaik.4831
44.44%

AVG
Generic_r, MalSign.Wilmo, Generic5, MalSign.Generic, Amonetize, Downloader.Generic14, Ukra
44.44%

The domain download.thankdownload.com has been seen to resolve to the following 4 IP addresses.

July 23, 2014

July 23, 2014

(CloudFlare)
January 20, 2014

(CloudFlare)
January 20, 2014

File downloads found at URLs served by download.thankdownload.com.

1 / 68      (Malware)

16 / 68    (Adware)

25 / 68    (Adware)
http://download.thankdownload.com/.../get.php?q=Larkin Love Power Girl Blowjob Video&ti1=945000&ti2=0&ti3=2014-11-03T05:54:21.063802 00:00  (organic chemistry by john mcmurry brooks and cole 5th edition pdf__2789_i1394758964_il3012507.exe)

12 / 68    (Adware)

12 / 68    (Adware)

16 / 68    (Adware)

14 / 68    (Adware)

15 / 68    (Adware)

7 / 68      (Adware)

12 / 68    (Adware)
http://download.thankdownload.com/.../get.php?q=Licenta Reimage&ti1=945000&ti2=0&ti3=2014-02-03T13:03:39.786735 00:00  (download.queen.40leipzig.radio.symphony.orchestra41...bohemian.rhapsody.40fl.torrent...kickasstorren)

30 of 30 related domains
