flv.hs5dmr.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain flv.hs5dmr.com is registered by proxy through GODADDY.COM, LLC and was originally registered in June of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are located in Ashburn, Virginia, in the United States, on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Remove Malware from flv.hs5dmr.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Virginia, United States (US)

Create date:
Thursday, June 20, 2013

Expires date:
Monday, June 20, 2016

Updated date:
Sunday, June 21, 2015

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Root domain:

Scanner detections:
Detections  (96% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Conversionads.T, PUP.Installer.BechiroSL.F, PUP.Installer.Stepitapp.F, PUP.Bundler.Solimba, Threat.Solimba.Bundler, PUP.Solimba.Bechiro.Bundler (M), PUP.Air Software.AirSoftware.Bundler (M), PUP.installCore.CommandFlux.Installer (M), PUP.Adknowledge.WARPINSTALL.Installer (M), PUP.Adknowledge.SETUPDOTEXE.Bundler (M), PUP.Adknowledge.PremiumInstaller.Installer (M), PUP.Vittalia.InstallAssistant.Installer (M)
97.96%

K7 Gateway Antivirus
Unwanted-Program, DoS-Trojan
85.71%

VIPRE Antivirus
Trojan.Win32.Generic, DownloadMR, Threat.4150696, Threat.4798837, Threat.4782980
85.71%

Avira AntiVirus
ADWARE/InstallCore.Gen7, APPL/Solimba.Gen, TR/Dldr.Agent.216048, ADWARE/Adware.Gen, ADWARE/InstallCo.DX, Adware/iBryte.qoemno
85.71%

Rising Antivirus
PE:Trojan.Zbot!6.103C, PE:Backdoor.Hupigon!6.1FD, PE:PUF.FirseriaInstaller@CV!1.5C42, PE:PUF.Airinstall!1.9C4C, PE:Malware.iBryte!6.14B5
83.67%

K7 AntiVirus
Unwanted-Program, Trojan
83.67%

Sophos
Conversion Ads, Solimba Installer, Generic PUA OF, PUA 'Solimba Installer', PUA 'AirInstaller', iBryte Optimum Installer
83.67%

Comodo Security
ApplicUnwnt, Application.Win32.Solimba.L, Application.Win32.AirAdInstaller.A, Application.Win32.InstallCore.GH, TrojWare.Win32.IBryte.S
83.67%

AVG
Agent.F, Adware Skodna.Generic.AMG, Generic_r, Adware InstallCore, Adware AdPlugin
83.67%

Vba32 AntiVirus
TScope.Trojan.MSIL, suspected of Trojan.Downloader.gen.h, Signed-Downware.Morstar.BechiroSL, AdWare.AirAdInstaller.ajov
83.67%

Malwarebytes
PUP.Optional.InstallCore.A, PUP.Optional.Solimba, PUP.Optional.AirAdInstaller, PUP.Optional.OptimumInstaller.A
81.63%

SUPERAntiSpyware
PUP.InstallCore/Variant, Adware.Solimba/Variant, Adware.AirInstaller/Variant, Adware.OptimumInstaller/Variant
81.63%

IKARUS anti.virus
SoftwareBundler, PUA.Bechiro, Win32.Malware, not-a-virus:Downloader.Win32.Agent
81.63%

Dr.Web
Adware.Downware.1302, Trojan.SMSSend.5206, Trojan.iBryte.506, Trojan.Packed.26508, Adware.Downware.2249
81.63%

McAfee Web Gateway
BehavesLike.Win32.Downloader.dc, BehavesLike.Win32.Downloader.dh, BehavesLike.Win32.Ransom.jc, GenericATG-FGI!3B0404F8E1DE
81.63%

The domain flv.hs5dmr.com has been seen to resolve to the following 42 IP addresses.


File downloads found at URLs served by flv.hs5dmr.com.

 
Latest 30 of 64 download URLs

The following files have been seen to communicate with flv.hs5dmr.com in live environments.

URL:
http://flv.hs5dmr.com/

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx/1.7.9
