download.thankdownload.com

Amonetize ltd.

Domain Information

The domain download.thankdownload.com registered by Windgather Investments was initially registered in March of 2016 through IP MIRROR PTE LTD. DBA IP MIRROR. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Beaumaris, Victoria within Australia which resides on the Asia Pacific Network Information Centre network. The domain is associated with the publisher Amonetize ltd. who is located in Raanana, Alberta in Israel.
Registrar:
FREEPARKING DOMAIN REGISTRARS, INC

Server location:
Victoria, Australia (AU)

Create date:
Thursday, March 24, 2016

Expires date:
Friday, March 24, 2017

Updated date:
Thursday, March 24, 2016

ASN:
AS133618 TRELLIAN-AS-AP Trellian Pty. Limited,AU

Root domain:

Scanner detections:
Detections  (97% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.ShetefSolutionsConsulting1998.r, PUP.Installer.Amonetizeltd.?, PUP.Installer.Amonetizeltd.V, PUP.Installer.ShetefSolutionsConsulting1998., PUP.Installer.ShetefSolutionsConsulting1998.q, Threat.Win.Reputation.IMP, PUP.Amonetize.Ukra2006.Bundler (M)
94.12%

Malwarebytes
PUP.Optional.InstallMonetizer, PUP.Optional.Amonetize, PUP.Optional.Amonetize.A, PUP.Optional.Downloader
88.24%

ESET NOD32
Win32/Amonetize.AA (variant), Win32/Amonetize.AD (variant), Win32/Amonetize.AG (variant), Win32/Amonetize.AI (variant), Win32/Amonetize.AE (variant)
85.29%

McAfee
Artemis!6EE57BBE3A49, Adware-Amonetize!75E6A6BEB316, Adware-Amonetize!D10282E7955B, Adware-Amonetize!A344D0D1EA02, Artemis!CB11E5706DBD, Artemis!23BF262A5325, Artemis!B0A532E757C6, Artemis!C5F11D9CC1CD, Artemis!3A889694EB1D, Artemis!89D5C8027460, Adware-Amonetize!B93D7367FC0C, Adware-Amonetize!6FEADF0D8A84, Artemis!EE825659E674, Artemis!0EAAA6E39EAF, PUP-FBM!19B373E7B425, Artemis!2BCF95E1A80B, Artemis!9CA471CE303E, Artemis!ECC82B569F00, Artemis!B7855FEEC668, Artemis!48C9ACA6A795, Artemis!91963B7861C3
73.53%

McAfee Web Gateway
Artemis!6EE57BBE3A49, Adware-Amonetize!75E6A6BEB316, Adware-Amonetize!D10282E7955B, Adware-Amonetize!A344D0D1EA02, Artemis!CB11E5706DBD
73.53%

Dr.Web
Adware.Downware.1575, Adware.Downware.1833, Adware.Downware.2083, Adware.Downware.1655, Adware.Downware.2467, Adware.Downware.3547
70.59%

AhnLab V3 Security
PUP/Win32.Amonetiz, PUP/Win32.Amonetize
70.59%

Avira AntiVirus
ADWARE/Adware.Gen2, APPL/Bundler.Amonetize.N.102, ADWARE/Adware.Gen4
64.71%

Trend Micro House Call
TROJ_GEN.F47V0128, TROJ_GEN.F47V0130, TROJ_GEN.F47V0202, TROJ_GEN.F47V0219, TROJ_GEN.F47V0226, TROJ_GEN.F47V0227, TROJ_GEN.F47V0224
61.76%

avast!
Win32:Amonetize-E [PUP], Win32:Amonetize-F [PUP], Win32:Amonetize-M [PUP], Win32:Amonetize-N [PUP], Win32:PUP-gen [PUP]
52.94%

Sophos
Amonetize, Generic PUA MC, Generic PUA OB, Generic PUA PL
50.00%

VIPRE Antivirus
Amonetize, Trojan.Win32.Generic, Threat.4785227
47.06%

Fortinet FortiGate
Riskware/Amonetize, Adware/Amonetize
47.06%

AVG
Generic_r, MalSign.Wilmo, Generic5, MalSign.Generic, Amonetize, Ukra, Downloader.Generic14
47.06%

G Data
Win32.Application.Amonetize, Application.Bundler.Amonetize, Gen:Variant.Application.Bundler.Amonetize.11, Gen:Variant.Application.Bundler.Amonetize.12
41.18%

The domain download.thankdownload.com has been seen to resolve to the following 5 IP addresses.

lb-182-241.above.com
April 12, 2016

July 23, 2014

July 23, 2014

(CloudFlare)
January 20, 2014

(CloudFlare)
January 20, 2014

File downloads found at URLs served by download.thankdownload.com.

1 / 68      (Adware)

10 / 68    (Adware)

15 / 68    (Adware)
http://download.thankdownload.com/.../get.php?q=V. Rose - Forever After (2014).rar&ti1=945000&ti2=0&ti3=2014-08-08T22:23:12.172175 00:00  (cognitive psychology and its implications (7th edition) [repost].rar__3039_i1143663308_il2277553.exe)

9 / 68      (Adware)

1 / 68      (Malware)

16 / 68    (Adware)

25 / 68    (Adware)
http://download.thankdownload.com/.../get.php?q=Larkin Love Power Girl Blowjob Video&ti1=945000&ti2=0&ti3=2014-11-03T05:54:21.063802 00:00  (organic chemistry by john mcmurry brooks and cole 5th edition pdf__2789_i1394758964_il3012507.exe)

12 / 68    (Adware)

12 / 68    (Adware)

16 / 68    (Adware)

14 / 68    (Adware)

15 / 68    (Adware)

 
Latest 30 of 34 download URLs

The following 12 files have been seen to comunicate with download.thankdownload.com in live environments.

URL:
http://download.thankdownload.com/

Title:
“Thank Download | Thank Download”

Web server:
nginx

30 of 30 related domains