home

download.thankdownload.com

Amonetize ltd.

Domain Information

The domain download.thankdownload.com registered by Windgather Investments was initially registered in March of 2016 through IP MIRROR PTE LTD. DBA IP MIRROR. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Beaumaris, Victoria within Australia which resides on the Asia Pacific Network Information Centre network. The domain is associated with the publisher Amonetize ltd. who is located in Raanana, Alberta in Israel.
Registrar:
FREEPARKING DOMAIN REGISTRARS, INC

Server location:
Victoria, Australia (AU)

Create date:
Thursday, March 24, 2016

Expires date:
Friday, March 24, 2017

Updated date:
Thursday, March 24, 2016

ASN:
AS133618 TRELLIAN-AS-AP Trellian Pty. Limited,AU

Root domain:
thankdownload.com

Whois:
4 thankdownload.com records

Scanner detections:
Detections  (97% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.ShetefSolutionsConsulting1998.r, PUP.Installer.Amonetizeltd.?, PUP.Installer.Amonetizeltd.V, PUP.Installer.ShetefSolutionsConsulting1998., PUP.Installer.ShetefSolutionsConsulting1998.q, Threat.Win.Reputation.IMP, PUP.Amonetize.Ukra2006.Bundler (M)
94.12%

Malwarebytes
PUP.Optional.InstallMonetizer, PUP.Optional.Amonetize, PUP.Optional.Amonetize.A, PUP.Optional.Downloader
88.24%

ESET NOD32
Win32/Amonetize.AA (variant), Win32/Amonetize.AD (variant), Win32/Amonetize.AG (variant), Win32/Amonetize.AI (variant), Win32/Amonetize.AE (variant)
85.29%

McAfee
Artemis!6EE57BBE3A49, Adware-Amonetize!75E6A6BEB316, Adware-Amonetize!D10282E7955B, Adware-Amonetize!A344D0D1EA02, Artemis!CB11E5706DBD, Artemis!23BF262A5325, Artemis!B0A532E757C6, Artemis!C5F11D9CC1CD, Artemis!3A889694EB1D, Artemis!89D5C8027460, Adware-Amonetize!B93D7367FC0C, Adware-Amonetize!6FEADF0D8A84, Artemis!EE825659E674, Artemis!0EAAA6E39EAF, PUP-FBM!19B373E7B425, Artemis!2BCF95E1A80B, Artemis!9CA471CE303E, Artemis!ECC82B569F00, Artemis!B7855FEEC668, Artemis!48C9ACA6A795, Artemis!91963B7861C3
73.53%

Dr.Web
Adware.Downware.1575, Adware.Downware.1833, Adware.Downware.2083, Adware.Downware.1655, Adware.Downware.2467, Adware.Downware.3547
70.59%

AhnLab V3 Security
PUP/Win32.Amonetiz, PUP/Win32.Amonetize
70.59%

Avira AntiVirus
ADWARE/Adware.Gen2, APPL/Bundler.Amonetize.N.102, ADWARE/Adware.Gen4
64.71%

Trend Micro House Call
TROJ_GEN.F47V0128, TROJ_GEN.F47V0130, TROJ_GEN.F47V0202, TROJ_GEN.F47V0219, TROJ_GEN.F47V0226, TROJ_GEN.F47V0227, TROJ_GEN.F47V0224
61.76%

avast!
Win32:Amonetize-E [PUP], Win32:Amonetize-F [PUP], Win32:Amonetize-M [PUP], Win32:Amonetize-N [PUP], Win32:PUP-gen [PUP]
52.94%

Sophos
Amonetize, Generic PUA MC, Generic PUA OB, Generic PUA PL
50.00%

VIPRE Antivirus
Amonetize, Trojan.Win32.Generic, Threat.4785227
47.06%

Fortinet FortiGate
Riskware/Amonetize, Adware/Amonetize
47.06%

AVG
Generic_r, MalSign.Wilmo, Generic5, MalSign.Generic, Amonetize, Ukra, Downloader.Generic14
47.06%

G Data
Win32.Application.Amonetize, Application.Bundler.Amonetize, Gen:Variant.Application.Bundler.Amonetize.11, Gen:Variant.Application.Bundler.Amonetize.12
41.18%

Baidu Antivirus
Adware.Win32.Amonetize, Adware.Win32.Agent
29.41%

The domain download.thankdownload.com has been seen to resolve to the following 5 IP addresses.

103.224.182.241
lb-182-241.above.com
April 12, 2016

104.28.30.122
July 23, 2014

104.28.31.122
July 23, 2014

108.162.198.155
(CloudFlare)
January 20, 2014

108.162.199.155
(CloudFlare)
January 20, 2014

File downloads found at URLs served by download.thankdownload.com.

2 / 68      (false positives)
http://download.thankdownload.com/.../get.php?q=Klucz Rejestracyjny Fixmyregistry Chomikuj&ti1=945000&ti2=0&ti3=2014-02-08T17:36:30.634760 00:00  (wrar420.exe)

13 / 68    (Adware)
http://download.thankdownload.com/.../get.php?q=Culioneros Favorite List Xvideos&ti1=945000&ti2=0&ti3=2014-04-09T15:56:55.387014 00:00  (setup.exe)

1 / 68      (Adware)
http://download.thankdownload.com/.../get.php?q=Kama Krida Videos Download&ti1=945000&ti2=0&ti3=2014-09-22T15:48:10.551625 00:00  (kama krida videos download__3039_i1333048128_il220105.exe)

9 / 68      (Adware)
http://download.thankdownload.com/.../get.php?q=Tanar Si Nelinistit Online Subtitrat&ti1=945000&ti2=0&ti3=2014-08-13T12:58:51.023351 00:00  (patch football manager 2012 12.2.2__3039_i1164450390_il1243551.exe)

16 / 68    (Adware)
http://download.thankdownload.com/.../get.php?q=Tanar Si Nelinistit Serial Online Subtitrat Gratis&ti1=945000&ti2=0&ti3=2014-08-13T13:11:37.555713 00:00  (game mahjong pokemon__3038_i1165371142_il1341537.exe)

15 / 68    (Adware)
http://download.thankdownload.com/.../get.php?q=V. Rose - Forever After (2014).rar&ti1=945000&ti2=0&ti3=2014-08-08T22:23:12.172175 00:00  (cognitive psychology and its implications (7th edition) [repost].rar__3039_i1143663308_il2277553.exe)

8 / 68      (Adware)
http://download.thankdownload.com/.../get.php?q=Dolby Advanced Audio V Lenovo&ti1=945000&ti2=0&ti3=2014-10-14T13:54:13.384629 00:00  (tcm forklift service manual__3038_i1372349554_il687989.exe)

14 / 68    (Adware)
http://download.thankdownload.com/.../get.php?q=Download Treasure Yourself Miranda Kerr Pdf Download Torrent Download&ti1=945000&ti2=0&ti3=2014-02-04T14:00:14.592371 00:00  (quickbooks pro 2002 software__3038_i330256060_il767893.exe)

1 / 68      (Malware)
http://download.thankdownload.com/.../get.php?q=Obd Auto Doctor Pro License&ti1=945000&ti2=0&ti3=2014-08-19T02:31:46.902944 00:00  (obd auto doctor pro license__3038_i1192029366_il663739.exe)

15 / 68    (Adware)
http://download.thankdownload.com/.../get.php?q=Madam Justice Lori Douglas Photos&ti1=945000&ti2=0&ti3=2014-10-29T15:29:15.968080 00:00  (windows 7 all versions pre activated__3039_i1389475720_il1202972.exe)

22 / 68    (Adware)
http://download.thankdownload.com/.../get.php?q=Larkin Love Power Girl Blowjob Video&ti1=945000&ti2=0&ti3=2014-11-03T05:54:21.063802 00:00  (organic chemistry by john mcmurry brooks and cole 5th edition pdf__2789_i1394758964_il3012507.exe)

13 / 68    (Adware)
http://download.thankdownload.com/.../get.php?q=Bingo Bash Download For Pc&ti1=945000&ti2=0&ti3=2014-10-16T11:56:48.247175 00:00  (virtual dj 4.1__3515_i1374614430_il1584109.exe)

13 / 68    (Adware)
http://download.thankdownload.com/.../get.php?q=Chave De Segurana Do Optimizer Pro&ti1=945000&ti2=0&ti3=2014-09-20T16:07:11.102891 00:00  (push fix deb file__3039_i1328111239_il2669639.exe)

14 / 68    (Adware)
http://download.thankdownload.com/.../get.php?q=Who Is In The Brazzers Cum And Ill Scream For My Husband Ad&ti1=945000&ti2=0&ti3=2014-09-22T08:51:48.329869 00:00  ({blocked}.exe)

9 / 68      (Adware)
http://download.thankdownload.com/.../get.php?q=Bernard Werber La Trilogie Des Fourmis Torrent Download Torrent Download&ti1=945000&ti2=0&ti3=2014-02-26T09:19:42.810435 00:00  (myegy.com idm 6.19 build 2 by.maher.rar__3516_i386672115_il4039133.exe)

11 / 68    (Adware)
http://download.thankdownload.com/.../get.php?q=Devexpress 13 1 4 Patch By Dimaster&ti1=945000&ti2=0&ti3=2014-03-07T23:41:13.630391 00:00  ({17 02 2014 last data full.zip}__3038_i410226842_il8107887.exe)

10 / 68    (Adware)
http://download.thankdownload.com/.../get.php?q=The Hunter Em Hack&ti1=945000&ti2=0&ti3=2014-02-23T21:28:09.586731 00:00  (idm 6.18 build 7.exe__3038_i380697998_il2870702.exe)

13 / 68    (Adware)
http://download.thankdownload.com/.../get.php?q=Tg Comic New Image By Infinity Sign Pdf&ti1=945000&ti2=0&ti3=2014-02-12T22:54:55.464043 00:00  (wic 32 bits xp__3038_i352737972_il4942848.exe)

14 / 68    (PUP)
http://download.thankdownload.com/.../get.php?q=Pixia Wordpress Theme Free Download&ti1=945000&ti2=0&ti3=2014-06-09T05:12:17.043112 00:00  (fdm__3472_i819273991_il2.exe)

10 / 68    (Adware)
http://download.thankdownload.com/.../get.php?q=Escrow Cond Semibold&ti1=945000&ti2=0&ti3=2014-02-18T09:01:47.883224 00:00  (le prisonnier du ciel carlos ruiz zafon__3515_i364474374_il7459902.exe)

14 / 68    (Adware)
http://download.thankdownload.com/.../get.php?q=Dinesat Radio 9 Classic v3.0.26.6&ti1=945000&ti2=0&ti3=2014-03-14T17:22:27.784851 00:00  (nokia care suite 5.0 2012.12.5.3.rar__3516_i436379449_il287601.exe)

23 / 68    (Adware)
http://download.thankdownload.com/.../get.php?q=Ghost Recon Phantoms Codes Coupons&ti1=945000&ti2=0&ti3=2014-07-19T01:42:02.718328 00:00  (wifi rehacker unlock key__3039_i1060458180_il2293987.exe)

13 / 68    (PUP)
http://download.thankdownload.com/.../get.php?q=Numero De Serie Adobe Premiere Pro Cc&ti1=945000&ti2=0&ti3=2014-04-08T16:06:12.679532 00:00  (tinyumbrella 7.04.00.exe__3038_i544636956_il3969822.exe)

12 / 68    (Adware)
http://download.thankdownload.com/.../get.php?q=Serial Para Activar Smart Pc Cleaner&ti1=945000&ti2=0&ti3=2014-07-10T23:38:52.672237 00:00  (serial para activar smart pc cleaner__3515_i1024815036_il1825185.exe)

11 / 68    (Adware)
http://download.thankdownload.com/.../get.php?q=AlexB Modern White Dynamics PRO for Acustica Audio Nebula 3.rar&ti1=945000&ti2=0&ti3=2014-01-29T12:08:29.960382 00:00  (youtube research software platinum.zip__3038_i300753101_il140329.exe)

21 / 68    (PUP)
http://download.thankdownload.com/.../get.php?q=Wikileaks Torrent Crack&ti1=945000&ti2=0&ti3=2014-05-09T15:45:20.835232 00:00  (4pl anti cheat tool__3516_i649810142_il4359992.exe)

8 / 68      (Adware)
http://download.thankdownload.com/.../get.php?q=Chaturbate Token Hack Pirate Bay&ti1=945000&ti2=0&ti3=2014-02-28T23:02:50.013041 00:00  (launcher__4529_i391954675_il2295123.exe)

12 / 68    (Adware)
http://download.thankdownload.com/.../get.php?q=Download Platinum Notes 4&ti1=945000&ti2=0&ti3=2014-01-31T02:32:13.957101 00:00  (minecraft__4621_il568.exe)

14 / 68    (Adware)
http://download.thankdownload.com/.../get.php?q=Tagged Gold Hack Download Torrent&ti1=945000&ti2=0&ti3=2014-03-13T05:43:13.962628 00:00  (tagged gold hack download torrent__3516_i434339744_il11182707.exe)

11 / 68    (Adware)
http://download.thankdownload.com/.../get.php?q=Torrent True Basic Gold Keygen Torrent Download&ti1=945000&ti2=0&ti3=2014-02-19T16:52:15.682318 00:00  (chinatown 720p hdtv x264 yify.rar__3515_i370728624_il925897.exe)

 
Latest 30 of 34 download URLs

The following 12 files have been seen to comunicate with download.thankdownload.com in live environments.

TCP » 103.224.182.241:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 103.224.182.241:80
uplus.exe (LoadMoneyWebSite)

TCP » 103.224.182.241:80
7tkkmsa v1.5.1.exe (KMS Activator by 7pm Tech)

TCP » 103.224.182.241:80
y03fd24.tmp

TCP » 103.224.182.241:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 103.224.182.241:80
torrent-search.exe (torrent-search)

TCP » 103.224.182.241:3000
dopipjen.exe

TCP » 103.224.182.241:80
online-guardian-v2.0.9.exe

TCP » 103.224.182.241:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 103.224.182.241:80
skype_addon.crx

TCP » 103.224.182.241:3000
fzegwzshmv.exe (Mmradpzyxy nasxbzmaqh epdrtoxayhvufidy xwldikaaz fvfm by Yyqlkf gweeginvoxdfd dcaliect mmvqzaspb ryitflkjseyc zsiydrsyv)

TCP » 103.224.182.241:3000
fuheabyq.exe

URL:
http://download.thankdownload.com/

Title:
“Thank Download | Thank Download”

Web server:
nginx

amonetize.com

aminst.net

wilddownload.com

recentdownload.com

otherdownload.com

askdownload.com

reallydownload.com

amusingdownload.com

activemonetizer.com

winvlc.com

doanesoftware.com

rightfuldownload.com

guidetodownload.com

winflashplayer.com

win7zip.com

zyaada.com

wintvapp.com

nationaldownload.com

transdownload.com

burstingdownload.com

reliabletrusteddownloads.com

averagedownload.com

intactdownload.com

normaldownload.com

easyfiledownloads.net

eachdownload.com

accuratedownload.com

angibledownload.com

shortestdownload.com

downloadnowww.com

30 of 30 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.