files5.mirror6.net

mark marrocco

Domain Information

The domain files5.mirror6.net registered by mark marrocco was initially registered in July of 2013 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dallas, Texas within the United States which resides on the SoftLayer Technologies Inc. network.
Remove Malware from files5.mirror6.net - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Texas, United States (US)

Create date:
Wednesday, July 31, 2013

Expires date:
Monday, July 31, 2017

Updated date:
Saturday, August 01, 2015

ASN:
AS36351 SOFTLAYER - SoftLayer Technologies Inc.

Root domain:

Scanner detections:
Detections  (92% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.FullSpectrumInteractive.Z, PUP.HeliosSystems.W, PUP.Installer.CodeTechno.N, PUP.Tightrope.Bundler, PUP.Installer.Groovecom, PUP.Bundler.Tightrope, PUP.Fintech.Installer (M), PUP.DownloadAdmin.CodeTechno.Installer (M), PUP.DownloadAdmin.FullSpectrumInteractive.Installer (M), PUP.InstallCore.Installer.Installer (M), PUP.DownloadAdmin.Groovecom.Installer (M), PUP.Tightrope.Sanflex.Bundler (M)
89.36%

VIPRE Antivirus
DownloadAdmin, Trojan.Win32.Generic, Threat.4783369, Threat.4150696
40.43%

Dr.Web
Adware.Downware.2220, Adware.DAdmin.151, Adware.DownloadAdmin.1, Adware.Downware.9384
40.43%

Sophos
Download Admin, PUA 'Download Admin'
29.79%

AVG
InstallC, Generic
29.79%

Avira AntiVirus
W32/Mabezat, ADWARE/Adware.Gen, APPL/Downloader.Gen, TR/Trash.Gen
27.66%

avast!
Adware-OH [Adw], Win32:GenMalicious-AGF [Trj], Adware-SJ [PUP], DownloadAdmin-O [Trj], Win32:DownloadAdmin-N [PUP], Adware-BRR [Adw]
25.53%

F-Secure
Adware:W32/WebInstallBundle
25.53%

ESET NOD32
Win32/DownloadAdmin.G potentially unwanted application, Win32/DownloadAdmin.H potentially unwanted application, Detection.Undefined
25.53%

K7 Gateway Antivirus
Unwanted-Program , Trojan , Adware
25.53%

Agnitum Outpost
Riskware.Agent
21.28%

NANO AntiVirus
Trojan.Win32.Downware.crgjbr, Riskware.Win32.Downware.crgjbr, Trojan.Win32.DAdmin.djhtdm, Riskware.Nsis.Downware.dlgjls
19.15%

K7 AntiVirus
Unwanted-Program , Trojan
19.15%

herdProtect (fuzzy)
a variant of 91e077df334609d9d06c0aa406732444f35c0751, a variant of 8f0b538014205449c7e19afc531e7fc6ffa135fd, a variant of 9a3a058b0c1f9bc176be579f99d20bccdfe7e2b8
17.02%

Malwarebytes
PUP.Optional.DownloadAdmin, PUP.Optional.FullSpectrumAdmin
17.02%

The domain files5.mirror6.net has been seen to resolve to the following 4 IP addresses.

50.22.63.138-static.reverse.softlayer.com
December 18, 2013

50.22.63.140-static.reverse.softlayer.com
December 18, 2013

50.97.63.217-static.reverse.softlayer.com
December 18, 2013

108.168.160.45-static.reverse.softlayer.com
December 18, 2013

File downloads found at URLs served by files5.mirror6.net.

1 / 68      (Adware)
http://files5.mirror6.net/dl?bc=919437&aid=30679  (uplayermediaplayer-setup.exe)

1 / 68      (PUP)

1 / 68      (Adware)
http://files5.mirror6.net/dl?bc=951917&aid=103205  (uplayermediaplayer-setup.exe)

12 / 68    (PUP)
http://files5.mirror6.net/dl?bc=962730&v.id=office  (delugetorrentclient-setup.exe)

1 / 68      (PUP)

1 / 68      (Adware)
http://files5.mirror6.net/dl?bc=919437&aid=514211  (uplayermediaplayer-setup.exe)

1 / 68      (PUP)

10 / 68    (Adware)
http://files5.mirror6.net/youdownloaders?id=253  (multiplyroi_tomtom-home.exe)

1 / 68      (PUP)
http://files5.mirror6.net/dl?bc=962730&v.id=drake  (delugetorrentclient-setup.exe)

1 / 68      (Adware)
http://files5.mirror6.net/dl?bc=919437&aid=317631  (uplayermediaplayer-setup.exe)

1 / 68      (Adware)
http://files5.mirror6.net/youdownloaders?id=225  (multiplyroi_instagram-downloader.exe)

1 / 68      (PUP)

1 / 68      (PUP)
http://files5.mirror6.net/dl?bc=962730&v.id=avatar  (delugetorrentclient-setup.exe)

1 / 68      (Adware)

1 / 68      (Adware)
http://files5.mirror6.net/dl?bc=919437&aid=176681  (uplayermediaplayer-setup.exe)

1 / 68      (PUP)

1 / 68      (PUP)

13 / 68    (Adware)
http://files5.mirror6.net/dl?bc=919437&aid=509981  (uplayermediaplayer-setup.exe)

11 / 68    (PUP)

11 / 68    (Adware)

14 / 68    (PUP)

 
Latest 30 of 123 download URLs

The following 60 files have been seen to comunicate with files5.mirror6.net in live environments.

 
Latest 20 of 63 files

30 of 45 related domains

Remove Malware from files5.mirror6.net - Powered by Reason Core Security