home

files5.mirror2.info

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain files5.mirror2.info is registered by proxy through GoDaddy.com, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dallas, Texas within the United States which resides on the SoftLayer Technologies Inc. network.
Registrar:
GoDaddy.com, LLC

Server location:
Texas, United States (US)

ASN:
AS36351 SOFTLAYER - SoftLayer Technologies Inc.

Root domain:
mirror2.info

Whois:
3 mirror2.info records

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.FullSpectrumInteractive.Y, PUP.Installer.FullSpectrumInteractive.T, PUP.DownloadAdmin.FullSpectrumInteractive.Installer (M), PUP.DownloadAdmin.Groovecom.Installer (M), PUP.DownloadAdmin.FullSpec.Installer (M), PUP.DownloadAdmin.Grooveco.Installer (M), PUP.UPlayerMedia.Installer.Meta (M), PUP.Tightrope.Download.Bundler (M), PUP.DownloadAdmin (M)
100.00%

VIPRE Antivirus
DownloadAdmin
10.00%

ESET NOD32
Win32/DownloadAdmin
10.00%

Sophos
Download Admin
10.00%

Dr.Web
Adware.Downware.2220, Adware.DownloadAdmin.1
8.00%

NANO AntiVirus
Trojan.Win32.Downware.crgjbr
8.00%

Malwarebytes
PUP.Optional.FullSpectrumAdmin, PUP.Optional.DownloadAdmin
6.00%

herdProtect (fuzzy)
a variant of 91e077df334609d9d06c0aa406732444f35c0751, a variant of c0c8c64539073aa814b18a59f587cdb4feda77fb, a variant of 826ef148d2f34b4be1519911fb7b422ae6c50ac9
6.00%

Rising Antivirus
PE:Malware.XPACK/RDM!5.1
6.00%

avast!
Adware-OH [Adw], Win32:PUP-gen [PUP]
4.00%

AVG
InstallC, MultiBundle
4.00%

McAfee
Artemis!CAC2871D15F6, Artemis!4E3C8437137D
4.00%

F-Secure
Adware:W32/WebInstallBundle
2.00%

AhnLab V3 Security
PUP/Win32.Downloader
2.00%

K7 AntiVirus
Unwanted-Program
2.00%

The domain files5.mirror2.info has been seen to resolve to the following 4 IP addresses.

50.22.63.138
50.22.63.138-static.reverse.softlayer.com
October 20, 2014

50.22.63.140
50.22.63.140-static.reverse.softlayer.com
October 20, 2014

108.168.160.45
108.168.160.45-static.reverse.softlayer.com
February 6, 2014

50.97.63.217
50.97.63.217-static.reverse.softlayer.com
February 6, 2014

File downloads found at URLs served by files5.mirror2.info.

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=899882&aid=674  (uplayermediaplayer-setup.exe)

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=671257&aid=30679  (uplayermediaplayer-setup.exe)

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=965562&source=37&aid=219&c=4692  (browserupdate-setup.exe)

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=965562&pid=adshore2&source=48&aid=&c=  (browserupdate-setup.exe)

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=919437&aid=matomy  (uplayermediaplayer-setup.exe)

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=965562&source=37&aid=219&c=393  (browserupdate-setup.exe)

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=965562&source=41&aid=12649932&c=12650044  (browserupdate-setup.exe)

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=965562&source=41&aid=11775400&c=11775437  (browserupdate-setup.exe)

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=965562&source=36&aid=1&c=24471  (browserupdate-setup.exe)

1 / 68      (Adware)
http://files5.mirror2.info/dl?aid=www&bc=4861  (uplayermediaplayer-setup.exe)

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=965562&source=37&aid=219&c=501653  (browserupdate-setup.exe)

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=965562&source=36&aid=1&c=3313656  (browserupdate-setup.exe)

11 / 68    (PUP)
http://files5.mirror2.info/dl?bc=919437&aid=30679  (uplayermediaplayer-setup.exe)

1 / 68      (Adware)
http://files5.mirror2.info/dl?aid=www&bc=4809&geo  (uplayermediaplayer-setup.exe)

1 / 68      (Adware)
http://files5.mirror2.info/dl?bc=965562&source=59&aid=23287692&c=23288328  (browserupdate-setup.exe)

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=671257&aid=7309  (uplayermediaplayer-setup.exe)

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=965562&source=41&aid=16841265&c=16883313  (browserupdate-setup.exe)

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=906517&aid=CD8826  (uplayermediaplayer-setup.exe)

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=965562&source=36&aid=1&c=6115403  (browserupdate-setup.exe)

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=965562&source=36&aid=1&c=3532446  (browserupdate-setup.exe)

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=965562&source=34&aid=350210&c=550708  (browserupdate-setup.exe)

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=965562&source=36&aid=1&c=1290070  (browserupdate-setup.exe)

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=896274&aid=146513  (uplayermediaplayer-setup.exe)

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=965562&source=36&aid=1&c=31542  (browserupdate-setup.exe)

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=965562&source=36&aid=1&c=1762728  (browserupdate-setup.exe)

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=965562&source=41&aid=9718168&c=21614933  (browserupdate-setup.exe)

6 / 68      (PUP)
http://files5.mirror2.info/dl?bc=896274&aid=125  (uplayermediaplayer-setup.exe)

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=919437&aid=3439  (uplayermediaplayer-setup.exe)

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=965562&source=41&aid=12649932&c=12649975  (browserupdate-setup.exe)

1 / 68      (PUP)
http://files5.mirror2.info/dl?bc=919437&aid=366151  (uplayermediaplayer-setup.exe)

 
Latest 30 of 187 download URLs

The following 236 files have been seen to comunicate with files5.mirror2.info in live environments.

TCP » 50.97.63.217:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.63.217:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.63.217:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.63.217:80
TNT2User.exe (by Eshield)

TCP » 50.97.63.217:80
eshieldtoolbar.exe (by Eshield)

TCP » 50.22.63.138:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.22.63.140:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.63.217:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.22.63.140:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.22.63.138:80
update_31.exe (Fast Downloader Media)

TCP » 50.22.63.140:80
windowssoftwareupdater.exe (SoftwareUpdater)

TCP » 50.22.63.138:80
updateadmin.exe

TCP » 50.22.63.138:80
windowssoftwareupdater.exe (SoftwareUpdater)

TCP » 50.22.63.140:80
updateadmin.exe

TCP » 50.22.63.140:80
update_31.exe (Fast Downloader Media)

TCP » 50.22.63.138:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.22.63.138:80
netdownloader.exe

TCP » 50.22.63.140:80
netdownloader.exe

TCP » 50.97.63.217:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.22.63.140:80
update_14.exe (Fast Downloader Media)

 
Latest 20 of 319 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.