files5.mirror2.info

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain files5.mirror2.info is registered by proxy through GoDaddy.com, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are located in Dallas, Texas, United States, on the SoftLayer Technologies Inc. network.
Remove Malware from files5.mirror2.info - Powered by Reason Core Security
Registrar:
GoDaddy.com, LLC

Server location:
Texas, United States (US)

ASN:
AS36351 SOFTLAYER - SoftLayer Technologies Inc.

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.FullSpectrumInteractive.Y, PUP.Installer.FullSpectrumInteractive.BB, PUP.Installer.FullSpectrumInteractive.T, Threat.Installer.FullSpectrumInteractive, PUP.Tightrope.Zoobam.Bundler (M), PUP.FullSpectrumInteractive.Installer (M), PUP.DownloadAdmin.FullSpectrumInteractive.Installer (M), PUP.UPlayerMedia.Installer.Meta (M), PUP.DownloadAdmin.Groovecom.Installer (M)
100.00%

VIPRE Antivirus
DownloadAdmin, Threat.4783369, Trojan.Win32.Generic
46.00%

Sophos
Download Admin, PUA 'Download Admin'
44.00%

Dr.Web
Adware.Downware.2220, Adware.DownloadAdmin.1
42.00%

ESET NOD32
Win32/DownloadAdmin
32.00%

NANO AntiVirus
Trojan.Win32.Downware.crgjbr, Riskware.Win32.Downware.crgjbr, Riskware.Nsis.Downware.dlgjls
28.00%

AVG
MalSign.InstallC, Adware MultiBundle.AA
26.00%

avast!
Adware-OH [Adw], Win32:PUP-gen [PUP], Rootkit-gen [Rtk], NSIS:Adware-OH [Adw], Adware-gen [Adw], Malware-gen
26.00%

Malwarebytes
PUP.Optional.FullSpectrumAdmin, PUP.Optional.DownloadAdmin
24.00%

herdProtect (fuzzy)
a variant of 8cc78823db2bf1f1a497642ec5299230f6be17f3, a variant of 1e5ec235fcbbec61c58c3140f75a91d5d770f45e, a variant of c0c8c64539073aa814b18a59f587cdb4feda77fb
22.00%

K7 AntiVirus
Unwanted-Program, Trojan
20.00%

K7 Gateway Antivirus
Unwanted-Program, Trojan
20.00%

Rising Antivirus
PE:Malware.XPACK/RDM!5.1
16.00%

McAfee Web Gateway
Artemis!9E66E7504C34, Artemis!43EC8089C3A1, Artemis!6683DA496769, BehavesLike.Win32.Downloader.bc, BehavesLike.Win32.Downloader.hc
14.00%

ESET NOD32
Win32/DownloadAdmin.G potentially unwanted application
14.00%

The domain files5.mirror2.info has been seen to resolve to the following 4 IP addresses.

50.22.63.138-static.reverse.softlayer.com
October 20, 2014

50.22.63.140-static.reverse.softlayer.com
October 20, 2014

108.168.160.45-static.reverse.softlayer.com
February 6, 2014

50.97.63.217-static.reverse.softlayer.com
February 6, 2014

File downloads found at URLs served by files5.mirror2.info.

Latest 30 of 114 download URLs

The following 60 files have been seen to communicate with files5.mirror2.info in live environments.

Latest 20 of 63 files

30 of 45 related domains
