files.yourfiledownloader.com

Via Advertising Group Limited

Domain Information

The domain files.yourfiledownloader.com, registered by Whois Privacy Corp., was initially registered in April of 2012 through INTERNET.BS CORP. This domain has been known to host and distribute potentially unwanted software. The hosting servers are located in Belfast, Northern Ireland, United Kingdom, on the RIPE Network Coordination Centre network. The domain is associated with the publisher Via Advertising Group Limited, which is located in Nicosia, CY.

Registrar:
INTERNET DOMAIN SERVICE BS CORP

Server location:
Northern Ireland, United Kingdom (GB)

Create date:
Thursday, April 26, 2012

Expires date:
Tuesday, April 26, 2016

Updated date:
Sunday, December 13, 2015

Google Safe Browsing:
unwanted

Scanner detections:
Detections (100% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.ViaAdvertisingGroupLimited.R, PUP.ViaAdvertisingGroupLimited.Q, PUP.ViaAdvertisingGroupLimited.J, PUP.ViaAdvertisingGroupLimited.i, PUP.ViaAdvertisingGroupLimited.p, PUP.Via Advertising.ViaAdvertisingGroup.Bundler (M), Threat.Win.Reputation.IMP | 93.33% |
| Dr.Web | Tool.DownLoader.45, Tool.DownLoader.42 | 73.33% |
| VIPRE Antivirus | Via Advertising | 73.33% |
| ESET NOD32 | Win32/YourFileDownloader (variant) | 73.33% |
| avast! | Win32:Downloader-UGW [PUP], Win32:PUP-gen [PUP] | 66.67% |
| F-Prot | W32/Backdoor2.HMWF, W32/HLLP.41472 | 60.00% |
| K7 AntiVirus | Backdoor, Trojan, Riskware | 40.00% |
| Commtouch SDK | W32/Backdoor.HQVR-8460 | 40.00% |
| AVG | Skodna.Generic_r, Dropper.Generic7 | 40.00% |
| Bkav FE | W32.Clod5b9.Trojan, W32.Cloda77.Trojan, W32.Clodcb5.Trojan, W32.Clodf08.Trojan | 33.33% |
| Fortinet FortiGate | Riskware/YourFileDownloader, W32/SPNR.08LI12!tr, W32/SPNR.08K712!tr | 33.33% |
| McAfee | Artemis!FDBDDCC11EAD, Artemis!D2137BF605E6, Artemis!2B686DAB4FFB, Artemis!DD96DEA8062C, Artemis!6137078A3132 | 33.33% |
| McAfee Web Gateway | Artemis!FDBDDCC11EAD, Artemis!D2137BF605E6, Artemis!2B686DAB4FFB, Artemis!DD96DEA8062C, Artemis!6137078A3132 | 33.33% |
| Sophos | Generic PUA PH, Mal/Generic-S, YourFile Downloader | 33.33% |
| herdProtect (fuzzy) | a variant of 66ecef5d18187954844cab9910e489fc625ce9f1, a variant of 6ae646f071ba76f4ed474555fda9473e7b9215a6, a variant of eab622cff6a82a438196dcfeecf5445b85df2b57 | 26.67% |

The domain files.yourfiledownloader.com has been seen to resolve to the following 4 IP addresses.

ns1.ibspark.com
May 15, 2016

199.195.196.180.static.midphase.com
February 5, 2016

unallocated.barefruit.co.uk
May 3, 2015

February 1, 2014

File downloads found at URLs served by files.yourfiledownloader.com.

4 / 68 (Adware)

 
Latest 30 of 66 download URLs

The following 391 files have been seen to communicate with files.yourfiledownloader.com in live environments.

 
Latest 20 of 403 files

URL:
http://files.yourfiledownloader.com/

Title:
“SmileFiles”

Web server:
nginx/1.2.1 (PHP/5.4.45-0+deb7u2)

Facebook:
Likes: 6
Shares: 47
Comments: 27

Statistics are for the previous month.