home

friedcookie.com

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain friedcookie.com is registered by proxy through ENOM, INC. and was originally registered in September of 2011. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon.com, Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
ENOM, INC.

Server location:
Virginia, United States (US)

Create date:
Thursday, September 1, 2011

Expires date:
Tuesday, September 1, 2015

Updated date:
Tuesday, August 12, 2014

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Whois:
3 friedcookie.com records

Scanner detections:
Detections  (88% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.FriedCookie.Y, PUP.Installer.FriedCookie.S, PUP.Installer.FriedCookie.a, PUP.FriedCookie.Y, PUP.FriedCookie.a
75.00%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h, Downware.InstallCore
75.00%

Dr.Web
Adware.Downware.1838, Trojan.Siggen6.55368
50.00%

VIPRE Antivirus
InstallCore
50.00%

Bkav FE
W32.Clod4b7.Trojan, W32.Clodf0c.Trojan, W32.Clod3c5.Trojan, HW32.Packed
50.00%

F-Prot
W32/InstallCore.G4.gen, W32/Autorun.ZF
50.00%

Norman
FakeNSIS.A, Gen:Variant.Kazy.253218, Trojan.Generic.KDV.391478
50.00%

K7 AntiVirus
Unwanted-Program , Trojan
37.50%

Microsoft Security Essentials
SoftwareBundler:Win32/DealPly, Threat.Undefined
37.50%

ESET NOD32
Win32/InstallCore.BJ (variant), Win32/InstallCore.BH (variant)
37.50%

McAfee
Artemis!7D32935667AA, Artemis!8D1D855CD490
25.00%

Sophos
Generic PUA EL, Generic PUA DP
25.00%

Avira AntiVirus
Adware/InstallCore.BP, ADWARE/InstallCore.Gen
25.00%

IKARUS anti.virus
Win32.SuspectCrc
25.00%

Qihoo 360 Security
HEUR/Malware.QVM11.Gen, Win32/Trojan.cc5
25.00%

The domain friedcookie.com has been seen to resolve to the following IP address.

23.21.48.126
July 18, 2013

File downloads found at URLs served by friedcookie.com.

10 / 68    (Malware)
http://friedcookie.com/.../file-extractor  (fileextractorsetup.exe)

4 / 68      (Adware)
http://friedcookie.com/.../personal-cards  (friedcookie_personal_cards.exe)

13 / 68    (Adware)
http://friedcookie.com/.../file-extractor  (fileextractorsetup.exe)

6 / 68      (inconclusive)
http://friedcookie.com/.../file-extractor  (fileextractorsetup.exe)

5 / 68      (Adware)
http://friedcookie.com/.../privacy-agent  (friedcookie_privacyagent.exe)

12 / 68    (Adware)
http://friedcookie.com/.../privacy-agent  (icreinstall_privacydefendersetup.exe)

16 / 68    (Adware)
http://friedcookie.com/.../ringtone-maker  (7f4a669d1eecd224698285b505b14cf0.exe)

5 / 68      (Adware)
http://friedcookie.com/.../video-player  (friedcookie_video_player.exe)

The following file have been seen to comunicate with friedcookie.com in live environments.

TCP » 23.21.48.126:80
Updater.exe (FriedCookie Updater by FriedCookie)

URL:
http://friedcookie.com/

Google Analytics:
UA-29471205

Title:
“Fried Cookie Software”

Description:
“Fried Cookie offers several fun applications that are free to install & have sleek and fun user interface.”

Network:
Amazon Web Services (AWS)

SSL certificate subject:
CN=friedcookie.com, OU=PositiveSSL, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
Apache

Facebook:
Likes:  5
Shares:  10

Twitter:
Shares:  65

Statistics above are for the previous month of March 2024.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.