download.winake.com
YinSi BaoHu Yi KaiQi (Hidden by Whois Privacy Protection Service)
Domain Information
The domain download.winake.com, registered by YinSi BaoHu Yi KaiQi (Hidden by Whois Privacy Protection Service), was first registered in October of 2015 through SOLUCIONES CORPORATIVAS IP,SLU. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Dublin City, Ireland, on the Amazon.com, Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the EU (Ireland) region datacenter.
Registrant: YinSi BaoHu Yi KaiQi (Hidden by Whois Privacy Protection Service)
Registrar: HICHINA ZHICHENG TECHNOLOGY LTD.
Server location: Dublin City, Ireland (IE)
Create date: Monday, October 19, 2015
Expires date: Wednesday, October 19, 2016
Updated date: Monday, October 19, 2015
ASN: AS16509 AMAZON-02 - Amazon.com, Inc.,US
Scanner detections:
Detections (100% detected)
| Scan engine | Details | Detections |
|---|---|---|
| Reason Heuristics | PUP.WorldSetup.O, PUP.SecureFile.Installer (M), PUP.GammaInstall (M), PUP.SecureFi.Installer (M), PUP.GammaIns.Installer (M) | 100.00% |
| Malwarebytes | PUP.Optional.InstallCore.A | 16.67% |
| Agnitum Outpost | Trojan.Injected | 16.67% |
| Comodo Security | Application.Win32.InstallCore.BWAN | 16.67% |
| Dr.Web | Trojan.Packed.24524 | 16.67% |
| VIPRE Antivirus | Adware.Win32.InstallCore.ba | 16.67% |
| Avira AntiVirus | ADWARE/InstallCore.Gen7 | 16.67% |
| G Data | Win32.Application.InstallCore | 16.67% |
| Vba32 AntiVirus | Downware.InstallCore | 16.67% |
| ESET NOD32 | Win32/Injected (variant) | 16.67% |
| ESET NOD32 | NSIS/Hoax.ArchSMS.V application | 16.67% |
| Clam AntiVirus | Win.Adware.Agent-59030 | 16.67% |
The domain download.winake.com has been seen to resolve to the following IP address.
ec2-54-228-230-132.eu-west-1.compute.amazonaws.com
April 4, 2014
File downloads found at URLs served by download.winake.com.
The following files have been seen to communicate with download.winake.com in live environments.