download.yes-messenger.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain download.yes-messenger.com is registered by proxy through GODADDY.COM, LLC and was originally registered in March of 2007. This domain has been known to host various forms of malware. The hosting servers are located in Brussels, Brussels Hoofdstedelijk Gewest, Belgium, on the RIPE Network Coordination Centre network.

Registrar:
GODADDY.COM, LLC

Server location:
Brussels Hoofdstedelijk Gewest, Belgium (BE)

Create date:
Monday, March 12, 2007

Expires date:
Sunday, March 12, 2017

Updated date:
Sunday, March 13, 2016

ASN:
AS56693 TWOTOWN TwoTown Belgique Sarl

Root domain:

Scanner detections:
Malware distribution  (98% detected)

Scan engine | Details | Detections
Reason Heuristics | Optional.Rentabiliweb.Messanger.Installer.Meta (L), Optional.Rentabiliweb.Messanger (L) | 100.00%
Dr.Web | Trojan.DownLoader13.3542 | 2.04%
Rising Antivirus | NS:Malware.Install!1.9F62 | 2.04%
Trend Micro House Call | HV_ZYX_BK083B96.TOMC | 2.04%
Avira AntiVirus | ADWARE/Adware.Gen | 2.04%
McAfee Web Gateway | BehavesLike.Win32.Suspicious.ch | 2.04%

The domain download.yes-messenger.com has been seen to resolve to the following IP address.

vip1.2town.net
December 26, 2013

File downloads found at URLs served by download.yes-messenger.com.

1 / 68      (Malware)
http://download.yes-messenger.com/59922/.../PlanCul.exe  (f23bac13fab38ad553c40a6a5d8629d1)

Latest 30 of 412 download URLs

The following 106 files have been seen to communicate with download.yes-messenger.com in live environments.

 
Latest 20 of 107 files

URL:
http://download.yes-messenger.com/

Web server:
Apache