file.org

File.org

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Pittsburgh, Pennsylvania within the United States which resides on the pair Networks network.
Registrar:
eNom, Inc.

Server location:
Pennsylvania, United States (US)

ASN:
AS7859 PAIR-NETWORKS - pair Networks

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Fileorg.T, PUP.Installer.Fileorg.X, PUP.Installer.Fileorg.W, PUP.installCore.Fileorg.Installer (M), PUP.installCore.MaxSetup.Installer (M), PUP.TrustedS.Bundler (M), PUP.installCore.KawagaSo.Installer (M), PUP.Covus.Freemium.Bundler (M), PUP.Air Software.Download.Bundler (M), PUP.installCore.KawagaSo (M), PUP.InstallCore.RES (M), PUP (M), PUP.Air Software (M), PUP.installCore (M), PUP.Vittalia (M), PUP.DownloadAssistant.Bundler (M)
97.96%

Avira AntiVirus
ADWARE/InstallCore.Gen9, ADWARE/InstallCore.Gen7
10.20%

Dr.Web
Adware.Downware.4757, Trojan.InstallCore.24, Trojan.InstallCore.1479, Adware.InstallCore.133, Trojan.InstallCore.1479, Adware.InstallCore.122
10.20%

ESET NOD32
Win32/InstallCore.PC, Win32/InstallCore.PR (variant), Win32/InstallCore.QF (variant), Win32/InstallCore.BL
8.16%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4150696, InstallCore.b
8.16%

K7 Gateway Antivirus
Trojan , Unwanted-Program
8.16%

K7 AntiVirus
Trojan , Unwanted-Program
8.16%

Sophos
Install Core Click run software, PUA 'Install Core Click run software'
8.16%

ESET NOD32
Win32/InstallCore.QF potentially unwanted application, Win32/InstallCore.BX potentially unwanted application, Win32/InstallCore.BY potentially unwanted application
8.16%

McAfee Web Gateway
BehavesLike.Win32.CryptInno.bc, Artemis!C686D29ECBEA
6.12%

herdProtect (fuzzy)
a variant of 36e9d2ccdd9d371bac59be2e2e19e9f0f1386724, a variant of 7557d0efa8db124532e72b798eb5f670186b08d9
4.08%

McAfee
Artemis!9552988A6E38, Artemis!C686D29ECBEA
4.08%

AhnLab V3 Security
PUP/Win32.Downloader
4.08%

F-Prot
W32/InstallCore.R2.gen, W32/InstallCore.R.gen
4.08%

Vba32 AntiVirus
Downware.InstallCore
2.04%

The domain file.org has been seen to resolve to the following IP address.

file.org
January 4, 2014

File downloads found at URLs served by file.org.

1 / 68      (Adware)

3 / 68      (PUP)
http://file.org/.../dl.php?fid=10585460&p=pmfsb  (openofficebasesetup-10585460-pmfsb.exe)

1 / 68      (Adware)

1 / 68      (PUP)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)
http://file.org/.../dl.php?pid=149  (openofficewritersetup-10585466-tfsb.exe)

1 / 68      (Adware)
http://file.org/.../dl.php?fid=15080275&p=tfsb&a=upd&v=20121006  (adobeflashplayerpluginsetup-15080275-tfsb.exe)

1 / 68      (Adware)

1 / 68      (PUP)
http://file.org/.../dl.php?pid=1419208  (systoolsemlviewersetup-22187970.exe)

1 / 68      (PUP)

1 / 68      (Adware)

14 / 68    (PUP)
http://file.org/.../dl.php?fid=3942361&p=None  (bullzippdfprintersetup-3942361-none.exe)

0 / 68
http://file.org/.../dl.php?pid=802  (vlcmediaplayersetup.exe)

1 / 68      (PUP)
http://file.org/.../dl.php?pid=96680  (kmplayersetup-21239551.exe)

1 / 68      (Adware)

4 / 68      (PUP)

9 / 68      (PUP)

12 / 68    (PUP)

1 / 68      (Adware)
http://file.org/.../dl-ai.php?fid=24906876&p=pmfsb&a=upd&v=20140325  (AdobeFlashPlayerActiveXSetup-24906876.exe)

1 / 68      (PUP)
http://file.org/.../dl.php?pid=1061  (microsoftpowerpointviewersetup-22271-vffsb.exe)

1 / 68      (PUP)

1 / 68      (Adware)
http://file.org/.../dl.php?pid=997467  (snappeasetup-2407728-pmfsb.exe)

1 / 68      (Adware)

1 / 68      (Adware)
http://file.org/.../dl.php?fid=14089539&p=None&a=upd  (adobeairsetup-14089539-none.exe)

1 / 68      (Adware)

4 / 68      (Adware)
http://file.org/.../dl.php?fid=10585460&p=None&a=upd  (openofficebasesetup-10585460-none.exe)

1 / 68      (Adware)
http://file.org/.../dl.php?fid=10585466&p=None&a=upd  (openofficewritersetup-10585466-none.exe)

1 / 68      (PUP)
http://file.org/.../dl.php?pid=1354  (winzipsetup-23297250.exe)

 
Latest 30 of 657 download URLs

The following 16 files have been seen to comunicate with file.org in live environments.

February 6, 2014

May 1, 2014

February 6, 2014

September 3, 2014

URL:
http://file.org/

Google Analytics:
UA-20040237

Title:
“File.org - We help you open your files!”

Web server:
Apache/2.2.31

Facebook:
Likes:  1,918
Shares:  190
Comments:  67

Statistics above are for the previous month of June 2017.