home

files4.mirror6.net

mark marrocco

Domain Information

The domain files4.mirror6.net registered by mark marrocco was initially registered in July of 2013 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in New York City, New York within the United States which resides on the nLayer Communications Internal/Backbone network.
Registrar:
GODADDY.COM, LLC

Server location:
New York, United States (US)

Create date:
Wednesday, July 31, 2013

Expires date:
Monday, July 31, 2017

Updated date:
Saturday, August 1, 2015

ASN:
AS4436 AS-GTT-4436 - nLayer Communications, Inc.,US

Root domain:
mirror6.net

Whois:
2 mirror6.net records

Google Safe Browsing:
malware

Scanner detections:
Detections  (95% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.CodeTechno.U, PUP.Installer.DownloadAdmin.U, PUP.Installer.DownloadAdmin.V, PUP.Installer.Groovecom.Y, PUP.Installer.CodeTechno.W, PUP.Groovecom.Y, PUP.Installer.DownloadAdmin.N, PUP.DownloadAdmin.T, PUP.Installer.CodeTechno.N, PUP.Installer.FullSpectrumInteractive.Z, PUP.Tightrope.Blueis.Bundler (M), PUP.DownloadAdmin.FullSpectrumInteractive.Installer (M), PUP.DownloadAdmin.Groovecom.Installer (M), PUP.Tightrope.Statscom.Bundler (M), PUP.Tightrope.DownloadAdmin.Bundler (M), PUP.Tightrope.Download.Bundler (M), PUP.DownloadAdmin.FullSpec.Installer (M), PUP.DownloadAdmin.Bundler (M)
100.00%

VIPRE Antivirus
DownloadAdmin, Threat.4150696, Threat.4783369, Trojan.Win32.Generic
68.57%

Dr.Web
Adware.Downware.2220, Adware.DAdmin.151, Trojan.Vittalia.27
68.57%

F-Secure
Adware:W32/WebInstallBundle
62.86%

Avira AntiVirus
ADWARE/Adware.Gen, APPL/Downloader.Gen, TR/Trash.Gen
60.00%

AVG
Generic, InstallC
60.00%

Agnitum Outpost
Riskware.Agent
45.71%

Trend Micro House Call
Suspicious_GEN.F47V0620, Suspicious_GEN.F47V0720, Suspicious_GEN.F47V0705, Suspicious_GEN.F47V0802, Suspicious_GEN.F47V0801
37.14%

Sophos
Generic PUA OI, Download Admin, Generic PUA KN, PUA 'Download Admin'
37.14%

ESET NOD32
Win32/DownloadAdmin.G potentially unwanted application, Win32/DownloadAdmin.I potentially unwanted application
37.14%

Malwarebytes
PUP.Optional.DownloadAdmin, PUP.Optional.BundleInstaller.A, PUP.Optional.FullSpectrumAdmin, PUP.Optional.DownloadAdmin.A
34.29%

ESET NOD32
Win32/DownloadAdmin, Win32/DownloadAdmin (variant)
31.43%

McAfee
Artemis!2B0AECF77D83, Artemis!DBCD0D1816F7, Artemis!44207F5CA138, Artemis!5B3627DB611D, Artemis!2A7B349E86B2, Artemis!9588BF3C29EA, Artemis!5726256FCFA7, Artemis!CF10D7B83E12
25.71%

K7 AntiVirus
Adware , Unwanted-Program , Trojan
25.71%

NANO AntiVirus
Riskware.Win32.Downware.crgjbr, Riskware.Win32.Downware.djahkt, Trojan.Win32.DAdmin.djhtdm, Riskware.Nsis.Downware.dlgjls
22.86%

The domain files4.mirror6.net has been seen to resolve to the following 47 IP addresses.

23.15.8.89
a23-15-8-89.deploy.static.akamaitechnologies.com
August 30, 2016

23.15.8.33
a23-15-8-33.deploy.static.akamaitechnologies.com
August 30, 2016

104.96.221.152
a104-96-221-152.deploy.static.akamaitechnologies.com
July 23, 2016

104.96.221.138
a104-96-221-138.deploy.static.akamaitechnologies.com
July 23, 2016

104.96.221.122
a104-96-221-122.deploy.static.akamaitechnologies.com
July 23, 2016

104.96.221.112
a104-96-221-112.deploy.static.akamaitechnologies.com
July 23, 2016

104.96.221.81
a104-96-221-81.deploy.static.akamaitechnologies.com
July 23, 2016

104.96.221.58
a104-96-221-58.deploy.static.akamaitechnologies.com
July 23, 2016

104.96.220.226
a104-96-220-226.deploy.static.akamaitechnologies.com
June 24, 2016

104.96.220.227
a104-96-220-227.deploy.static.akamaitechnologies.com
June 24, 2016

104.96.220.216
a104-96-220-216.deploy.static.akamaitechnologies.com
May 24, 2016

104.96.220.233
a104-96-220-233.deploy.static.akamaitechnologies.com
May 24, 2016

65.158.47.154
April 14, 2016

65.158.47.131
April 14, 2016

23.0.160.88
a23-0-160-88.deploy.static.akamaitechnologies.com
February 29, 2016

23.0.160.98
a23-0-160-98.deploy.static.akamaitechnologies.com
February 29, 2016

23.15.7.120
a23-15-7-120.deploy.static.akamaitechnologies.com
August 11, 2015

23.15.7.105
a23-15-7-105.deploy.static.akamaitechnologies.com
August 11, 2015

184.26.44.98
a184-26-44-98.deploy.static.akamaitechnologies.com
May 3, 2015

184.26.44.103
a184-26-44-103.deploy.static.akamaitechnologies.com
May 3, 2015

23.67.243.59
a23-67-243-59.deploy.static.akamaitechnologies.com
May 2, 2015

69.31.29.47
ip-69-31-29-47.nlayer.net
December 23, 2014

69.31.29.197
ip-69-31-29-197.nlayer.net
December 23, 2014

184.51.126.50
a184-51-126-50.deploy.static.akamaitechnologies.com
September 9, 2014

184.51.126.64
a184-51-126-64.deploy.static.akamaitechnologies.com
September 9, 2014

23.62.7.9
a23-62-7-9.deploy.static.akamaitechnologies.com
September 7, 2014

23.62.7.33
a23-62-7-33.deploy.static.akamaitechnologies.com
September 7, 2014

23.62.6.59
a23-62-6-59.deploy.static.akamaitechnologies.com
September 5, 2014

23.62.6.66
a23-62-6-66.deploy.static.akamaitechnologies.com
September 5, 2014

23.0.160.41
a23-0-160-41.deploy.static.akamaitechnologies.com
September 5, 2014

 
Showing 30 of 47 IP Addresses

File downloads found at URLs served by files4.mirror6.net.

1 / 68      (PUP)
http://files4.mirror6.net/download/.../dl?brand=piratebay.com&pid=piratebay&bc=1075836&country=GB&cb=858088466  (vlcmediaplayer-setup.exe)

1 / 68      (Adware)
http://files4.mirror6.net/download/.../dl?s=chromedl&c=organic&brand=topvideosoft.com&pid=topvideosoft&bc=1086440&country=IN&cb=-1378651475&filename=chrome-update.exe&productKey=pwhux3komm3645q6z3zvgdod6ug2bbpk&zTmp=1  (e89acc16d1b82cb7cc62ffe299d82023)

1 / 68      (PUP)
http://files4.mirror6.net/download/.../dl?v.id=MOVIE&brand=piratebay.com&pid=piratebay&bc=962730&country=IL&cb=-123200682  (delugetorrentclient-setup.exe)

1 / 68      (Adware)
http://files4.mirror6.net/download/.../dl?bc=951917&pid=w4&brand=uplayer.us.com&aid=104193&s=default&country=US&p_rid=default&cb=-318983758&osName=Windows&osVersion=8.1&browserName=IE&browserVersion=11&zTmp=1  (uplayermediaplayer-setup.exe)

1 / 68      (Adware)
http://files4.mirror6.net/download/.../dl?s=102144ae9e87ed520056e821cd8094&c=188&brand=solutionswide.com&pid=solutionswide&aid=2&bc=1085002&country=US&cb=206696533&filename=YoutubeDownloader.exe&productKey=nvzkg3yxs2lezxmy6mwumq5xqn25omt4&zTmp=1  (ee1b5aed91cac7cf8271947f7b736afe)

1 / 68      (Adware)
http://files4.mirror6.net/download/.../dl?s=wmm&c=organic&brand=topvideosoft.com&pid=topvideosoft&bc=1086440&country=ID&cb=-1167834511&filename=windows-movie-maker.exe&productKey=4oclm7thi3pckshnpmnwai4ij7yjyc47&zTmp=1  (3eb52f119c553d8b9bb9c4d376400207)

1 / 68      (Adware)
http://files4.mirror6.net/download/.../dl?s=bing&c=2451&brand=youdownloaders.com&pid=youdownloaders&aid=1&bc=989443&country=US&cb=698725324&filename=multiplyroi_tango.exe&zTmp=1  (41e4d45ba8d729d0d39b6c2550f94746)

1 / 68      (Adware)
http://files4.mirror6.net/download/.../dl?bc=951917&pid=w4&brand=uplayer.us.com&aid=104193&s=default&country=US&p_rid=default&cb=2034996787&osName=Windows&osVersion=7&browserName=IE&browserVersion=11&zTmp=1  (uplayermediaplayer-setup.exe)

1 / 68      (Adware)
http://files4.mirror6.net/download/.../dl?s=bing&c=2832&brand=youdownloaders.com&pid=youdownloaders&aid=1&bc=989391&country=US&cb=-658942732&filename=multiplyroi_tinyumbrella.exe&zTmp=1  (acfbda26016b6e8d53a0e4c94d761bbd)

1 / 68      (PUP)
http://files4.mirror6.net/download/.../dl?v.id=frozen&brand=piratebay.com&pid=piratebay&bc=962730&country=US&cb=-1875721052  (delugetorrentclient-setup.exe)

11 / 68    (Adware)
http://files4.mirror6.net/download/.../dl?bc=1085002&pid=solutionswide&brand=solutionswide.com&aid=1257&s=102184ad1f7fde7104b95f4601cb6f&c=972&country=US&cb=-210544889&filename=JavaUpdate.exe&productKey=t7in555zhjajcdx46g2u4xmw73b6lfjd&osName=Windows&osVersion=7&browserName=IE&browserVersion=8&zTmp=1  (654d00911221b0a8bc5a33c8952a9d21)

10 / 68    (PUP)
http://files4.mirror6.net/download/.../dl?v.id=cars&brand=piratebay.com&pid=piratebay&bc=962730&country=SE&cb=-722057857  (delugetorrentclient-setup.exe)

10 / 68    (PUP)
http://files4.mirror6.net/download/.../dl?v.id=cars&brand=piratebay.com&pid=piratebay&bc=962730&country=SE&cb=-1832268210  (delugetorrentclient-setup.exe)

10 / 68    (PUP)
http://files4.mirror6.net/download/.../dl?v.id=cars&brand=piratebay.com&pid=piratebay&bc=962730&country=SE&cb=82108053  (delugetorrentclient-setup.exe)

10 / 68    (PUP)
http://files4.mirror6.net/download/.../dl?v.id=cars&brand=piratebay.com&pid=piratebay&bc=962730&country=SE&cb=-343101745  (delugetorrentclient-setup.exe)

9 / 68      (Adware)
http://files4.mirror6.net/download/.../dl?brand=piratebay.com&pid=piratebay&bc=1075836&country=GB&cb=1887617991  (vlcmediaplayer-setup.exe)

9 / 68      (Adware)
http://files4.mirror6.net/download/.../dl?brand=piratebay.com&pid=piratebay&bc=1075836&country=GB&cb=309937  (vlcmediaplayer-setup.exe)

9 / 68      (Adware)
http://files4.mirror6.net/download/.../dl?brand=piratebay.com&pid=piratebay&bc=1075836&country=GB&cb=-473109112  (vlcmediaplayer-setup.exe)

0 / 68
http://files4.mirror6.net/download/.../dl?s=bing&c=2451&brand=youdownloaders.com&pid=youdownloaders&aid=1&bc=989443&country=US&cb=-1133346330&filename=multiplyroi_tango.exe&zTmp=1  (SetupTango.exe)

14 / 68    (Adware)
http://files4.mirror6.net/download/.../dl?brand=piratebay.com&pid=piratebay&bc=1084396&country=GB&cb=1541957016&zTmp=1  (vlcmediaplayer-setup.exe)

19 / 68    (Adware)
http://files4.mirror6.net/download/.../dl?brand=piratebay.com&pid=piratebay&bc=1084396&country=GB&cb=-1701195989&zTmp=1  (vlcmediaplayer-setup.exe)

19 / 68    (Adware)
http://files4.mirror6.net/download/.../dl?brand=piratebay.com&pid=piratebay&bc=1084396&country=GB&cb=-1430819586&zTmp=1  (vlcmediaplayer-setup.exe)

14 / 68    (Adware)
http://files4.mirror6.net/download/.../dl?brand=piratebay.com&pid=piratebay&bc=1084396&country=GB&cb=913695905&zTmp=1  (vlcmediaplayer-setup.exe)

11 / 68    (PUP)
http://files4.mirror6.net/download/.../dl?brand=piratebay.com&pid=piratebay&bc=1084396&country=GB&cb=-1009158690&zTmp=1  (vlcmediaplayer-setup.exe)

11 / 68    (Adware)
http://files4.mirror6.net/download/.../dl?s=ORGANIC&brand=amnistechnology.com&pid=amnistech&aid=pdflite.com&bc=1080446&country=IT&cb=437657116&zTmp=1  (pdflite-setup.exe)

11 / 68    (Adware)
http://files4.mirror6.net/download/.../dl?s=bing&c=22220&brand=youdownloaders.com&pid=youdownloaders&aid=5&bc=1107578&country=US&cb=-210421652&filename=multiplyroi_the-sims-3.exe&zTmp=1  (f2904a28f052bc165356a0eb290ae08c)

17 / 68    (Adware)
http://files4.mirror6.net/download/.../dl?brand=piratebay.com&pid=piratebay&bc=1084396&country=GB&cb=1931832172&zTmp=1  (vlcmediaplayer-setup.exe)

12 / 68    (PUP)
http://files4.mirror6.net/download/.../dl?brand=piratebay.com&pid=piratebay&bc=1080310&country=GB&cb=-1500808019&zTmp=1  (vlcmediaplayer-setup.exe)

9 / 68      (PUP)
http://files4.mirror6.net/download/.../dl?s=BING&brand=amnistechnology.com&pid=amnistech&aid=pdflite.com&bc=1080446&country=US&cb=1175543288&zTmp=1  (pdflite-setup.exe)

9 / 68      (PUP)
http://files4.mirror6.net/download/.../dl?v.id=catching fire&brand=piratebay.com&pid=piratebay&bc=962730&country=AU&cb=-1541428254  (delugetorrentclient-setup.exe)

 
Latest 30 of 103 download URLs

The following 736 files have been seen to comunicate with files4.mirror6.net in live environments.

TCP » 184.26.44.103:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.50:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.26.44.98:80
cpx.exe (Google Embedded Application)

TCP » 184.26.143.192:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.26.44.103:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.26.44.98:443
dailywiki.exe

TCP » 184.26.44.98:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.50:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.56:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.26.44.103:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.26.143.201:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.26.44.103:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.26.44.98:80
dailywiki.exe

TCP » 184.26.44.98:80
apptrailers.exe

TCP » 184.51.126.50:80
new_chrome.exe (1stBrowser by The 1stBrowser Authors)

TCP » 184.51.126.56:80
new_chrome.exe (1stBrowser by The 1stBrowser Authors)

TCP » 184.51.126.64:80
new_chrome.exe (1stBrowser by The 1stBrowser Authors)

TCP » 23.15.7.105:80
whatsapptime.exe

TCP » 184.26.44.98:80
utilfasterlight.exe

TCP » 184.51.126.32:443
UCBrowser.exe (UC Browser by UCWeb)

 
Latest 20 of 772 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.