» files.airdwnlas.com
Overview
Analysis
IPs Addresses (7)
Downloads (281)
Network (231)

files.airdwnlas.com

AIR SOFTWARE INC.

Domain Information

The domain files.airdwnlas.com registered by AIR SOFTWARE INC. was initially registered in November of 2013 through ENOM, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Belfast, Northern Ireland within United Kingdom which resides on the RIPE Network Coordination Centre network.

Registrant:

AIR SOFTWARE INC.

Registrar:

ENOM, INC.

Server location:

Northern Ireland, United Kingdom (GB)

Create date:

Thursday, November 21, 2013

Expires date:

Monday, November 21, 2016

Updated date:

Thursday, October 22, 2015

Root domain:

airdwnlas.com

Whois:

3 airdwnlas.com records

Scanner detections:

Detections (96% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Adknowledge.InstallManager.Installer (M), PUP.Adknowledge.InstallM.Installer (M), PUP.Air Software.AirSoftw.Bundler (M), PUP.Air Software.Download.Bundler (M), PUP.Air Software.Installe.Installer (M), PUP.Air Software (M), PUP.Adknowledge (M)

100.00%

Emsisoft Anti-Malware

Gen:Variant.Adware.Kazy.519742

6.25%

avast!

Win32:Adware-BZI [PUP]

6.25%

Norman

Gen:Variant.Adware.Kazy.519742

4.17%

The domain files.airdwnlas.com has been seen to resolve to the following 7 IP addresses.

92.242.140.21

unallocated.barefruit.co.uk

May 28, 2015

184.154.116.114

chicago.airinstaller.com

November 1, 2014

108.168.218.35

108.168.218.35-static.reverse.softlayer.com

October 9, 2014

192.241.139.115

justice.airinstaller.com

August 17, 2014

173.192.195.226

173.192.195.226-static.reverse.softlayer.com

August 17, 2014

162.243.2.91

empire.airinstaller.com

August 12, 2014

173.192.195.228

173.192.195.228-static.reverse.softlayer.com

July 3, 2014

File downloads found at URLs served by files.airdwnlas.com.

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=407713886.347956.95cebf2dbd.4561.d696735e7ed83b63adfabfe03a50f63d (setup.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../ (setup.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?&sid=362039.4974&uid=1577880860.362039.f4486dbfa8.4974.60c29362c96664a0f2c8aa9a9a78adca&filename=Setup (setup.exe)

4 / 68 (PUP)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=3013514278.347959.3d1e6df177.4561.c7a8cdbc2045917b91d062749ed55114 (setup.exe)

4 / 68 (PUP)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=3013514278.347935.1f0c119c0c.3914.8a92ccad826bdb9e343fd1f656486fb7 (setup.exe)

3 / 68 (PUP)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=3013514278.347935.af8e622411.3914.c90311a8e3421b007e1ccac5a3722cd7 (setup.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=3138024495.347935.8badf94895.3914.b848ae7888bfb3889fb04f47affd8f8f (Setup.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=3138024495.347959.4020be9d38.4561.f92d331656f927a05c39a1146db39630 (Setup.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?filename=Update (update.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?filename=SoftwareUpdater (softwareupdater.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=3141052300.347935.7a48ca9187.3914.ad275dcc0f5ea9ab68a223722fdf6dd0 (setup.exe)

0 / 68

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=1543757095.347931.db8430015f.3914.7d68d8c3e9a09cc354bb8056611679df (setup.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=2973831827.347935.6beb27a741.3914.43ed58a9bf87615cc52524dbe3ff7d1c (setup.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=3206585184.347935.29cb7a647d.3914.8924ab1e1a3042219d529b7fc7749fd7 (setup.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=3015078591.347935.0c5423f46f.3914.dc0260f708cd04da5f01412956fae1ce (setup.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=3013452781.347935.118590bde4.3914.c8371a0961ec8e41a9213912629346c9 (setup.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=3013452781.347935.7d082fec0f.3914.a2258044e474ead39c5c2ec944c57e7c (setup.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=3013452781.347935.fea810b5c6.3914.32932092cb4fd8996cb12e6cc56f3d35 (setup.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=3013452781.347935.fb471d1801.3914.f5e11de56f7be0a5670e47870cff0783 (setup.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=3015046008.347935.60afdee5da.3914.c4a6639adff28f728e38960417cd1e9a (setup.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=3015046008.347959.dca4df437d.4561.4c99add05ed4779a7cc65d3a40287360 (setup.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=3015046008.347935.57473cefa0.3914.f8bdeedc3ea5810fe658d3dd84341975 (setup.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=3015047370.347935.17ac4066fe.3914.29e14771ca0b409b4705b8333711bd10 (setup.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=3015047370.347935.041746a8ec.3914.c5374ba3f7c1eee77246980960ea5a10 (setup.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=3015047370.347935.9fc26cf0a5.3914.22e6ba473515b9ee743a004bbd2f3a7a (setup.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=3015047370.347935.67a08883a0.3914.f3ed416a9514bb8c488576d4f1af2d07 (setup.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=3015047370.347935.5d0fe74a76.3914.96ed62dc6575d05156ad4e39545360d2 (setup.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=3015047370.347935.f05a7be051.3914.51a588bda689f2540f92a7428668a859 (setup.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=3015047370.347935.f96d4c166a.3914.51a588bda689f2540f92a7428668a859 (setup.exe)

1 / 68 (Adware)

http://files.airdwnlas.com/get/click/.../?filename=Setup&uid=3015047370.347935.6475c58366.3914.9d1a1ae473681f8a8e5dd38e2d13b8f5 (setup.exe)

Latest 30 of 281 download URLs

The following 231 files have been seen to comunicate with files.airdwnlas.com in live environments.

TCP » 92.242.140.21:80

smelled.exe (Smelled)

TCP » 92.242.140.21:443

dca-monitoring.exe (Compete DCA Monitoring Tool by Compete)

TCP » 92.242.140.21:80

marini.exe (Marini)

TCP » 92.242.140.21:443

client.exe (ClientWrapper)

TCP » 92.242.140.21:80

thebrowser.exe (TheBrowser by Goobzo)

TCP » 92.242.140.21:443

dca-monitoring.exe (Compete DCA Monitoring Tool by Compete)

TCP » 92.242.140.21:443

WindowService.exe (WindowService)

TCP » 92.242.140.21:443

ciuninstall.exe

TCP » 92.242.140.21:1866

jutched.exe

TCP » 92.242.140.21:443

dca-monitoring.exe (Compete DCA Monitoring Tool by Compete)

TCP » 92.242.140.21:80

masterupdater.exe

TCP » 173.192.195.228:80

setup.exe (Software Updater by AirInstaller)

TCP » 92.242.140.21:80

pricemeterexpress.crx

TCP » 92.242.140.21:80

chrome.crx

TCP » 92.242.140.21:80

app-center.crx

TCP » 92.242.140.21:80

ntp.crx

TCP » 92.242.140.21:80

3dayinvite.crx

TCP » 92.242.140.21:80

twitter.crx

TCP » 92.242.140.21:80

viewlater.crx

TCP » 92.242.140.21:80

rss.crx

Latest 20 of 231 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.