» get.file21desktop.com
Overview
Analysis
IPs Addresses (13)
Downloads (58)
Network (38)
Website Detail

get.file21desktop.com

OutBrowse

Domain Information

The domain get.file21desktop.com registered by OutBrowse was initially registered in May of 2014 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Montreal, Quebec within Canada which resides on the OVH Hosting, Inc. network.

Registrant:

OutBrowse

Registrar:

GODADDY.COM, LLC

Server location:

Quebec, Canada (CA)

Create date:

Sunday, May 25, 2014

Expires date:

Wednesday, May 25, 2016

Updated date:

Tuesday, June 16, 2015

Root domain:

file21desktop.com

Whois:

2 file21desktop.com records

Google Safe Browsing:

unwanted

Scanner detections:

Detections (98% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.OtopiaSOFT, PUP.Outbrowse, PUP.Outbrowse.YesApps.Bundler (M), PUP.Outbrowse.Bundler (M), PUP.Outbrowse.DirectDownloadGTt.Bundler (M), PUP.Outbrowse.BONDONJOV.Bundler (M), PUP.Outbrowse.StartNow.Bundler (M), PUP.Outbrowse.ClickYes.Bundler (M), PUP.Outbrowse.TrustedA.Bundler (M), PUP.Outbrowse.BESTapp.Bundler (M), PUP.Outbrowse.Salyutem.Bundler (M), PUP.Outbrowse.Safeinst.Bundler (M), PUP.Outbrowse.BestInst.Bundler (M), PUP.Outbrowse.BonDonJo.Bundler (M), PUP.Outbrowse.DirectDo.Bundler (M), PUP.Outbrowse.TIKITaka.Bundler (M), PUP.Outbrowse.TikiTaka.Bundler (M), PUP.Outbrowse.Outborwse.Installer (M), PUP.Outbrowse.OtopiaSO.Bundler (M), PUP.Outbrowse.StartNOW.Bundler (M), PUP.Outbrowse.MariMara.Bundler (M), PUP.Outbrowse (M)

97.96%

ESET NOD32

Win32/OutBrowse.BS potentially unwanted application, Win32/OutBrowse.BU potentially unwanted application, Win32/OutBrowse.BK potentially unwanted application

14.29%

AVG

Potentially harmful program Downloader.DGR, Potentially harmful program Downloader.DIN, Potentially harmful program Downloader.DKQ

14.29%

Trend Micro House Call

Suspici.1AC582C8, Suspici.B3BC0FA9, Suspici.33AE6F52, Suspici.DDA00E7E, Suspici.651C691B

12.24%

Avira AntiVirus

APPL/Outbrowse.Gen, APPL/Downloader.Gen, PUA/Outbrowse.Gen

12.24%

Malwarebytes

PUP.Optional.OutBrowse, PUP.Optional.OutBrowse.gen

10.20%

McAfee

Adware-OutBrowse.e, Program.Adware-OutBrowse.e, Program.Adware-OutBrowse.c, Virus.Adware-OutBrowse.c

10.20%

K7 AntiVirus

DoS-Trojan , Unwanted-Program

10.20%

VIPRE Antivirus

Threat.4150696, Threat.4657539, Threat.4721115

8.16%

Emsisoft Anti-Malware

Dropped:Application.Bundler.Outbrowse.AJ, Dropped:Application.Bundler.Outbrowse.AM, Gen:Variant.Application.Bundler.Outbrowse

8.16%

AhnLab V3 Security

PUP/Win32.OutBrowse

8.16%

Dr.Web

infected with Trojan.OutBrowse.88, Trojan.OutBrowse.95, Trojan.OutBrowse.51

8.16%

Fortinet FortiGate

Riskware/OutBrowse

8.16%

avast!

Malware-gen, PUP-gen [PUP], Win32:Kukacka

6.12%

Lavasoft Ad-Aware

Dropped:Application.Bundler.Outbrowse.AJ, Dropped:Application.Bundler.Outbrowse.AM, Gen:Variant.Application.Bundler.Outbrowse.1

6.12%

The domain get.file21desktop.com has been seen to resolve to the following 13 IP addresses.

167.114.156.214

ns513839.ip-167-114-156.net

August 16, 2016

54.175.102.143

ec2-54-175-102-143.compute-1.amazonaws.com

May 18, 2016

204.236.219.53

ec2-204-236-219-53.compute-1.amazonaws.com

April 7, 2016

50.17.254.254

ec2-50-17-254-254.compute-1.amazonaws.com

February 16, 2016

23.21.196.192

ec2-23-21-196-192.compute-1.amazonaws.com

February 16, 2016

174.129.32.168

ec2-174-129-32-168.compute-1.amazonaws.com

January 3, 2016

107.20.180.82

ec2-107-20-180-82.compute-1.amazonaws.com

January 3, 2016

54.235.117.115

ec2-54-235-117-115.compute-1.amazonaws.com

January 3, 2016

23.21.168.225

ec2-23-21-168-225.compute-1.amazonaws.com

June 26, 2015

23.21.52.184

ec2-23-21-52-184.compute-1.amazonaws.com

May 4, 2015

54.196.192.2

ec2-54-196-192-2.compute-1.amazonaws.com

February 16, 2015

23.21.166.12

ec2-23-21-166-12.compute-1.amazonaws.com

January 5, 2015

50.19.236.133

ec2-50-19-236-133.compute-1.amazonaws.com

November 1, 2014

File downloads found at URLs served by get.file21desktop.com.

1 / 68 (Adware)

http://get.file21desktop.com/.../Get?baidusign=18161438&baidurand=6747 (installation.exe)

1 / 68 (Adware)

http://get.file21desktop.com/.../Get?p=12962&d=21051&l=20228&n=1&productname=Product_name&dynamicname=Product_name&filename=FLV_Medi_Player (flv_medi_player.exe)

1 / 68 (Adware)

http://get.file21desktop.com/DownloadManager/Get?p=1094&d=19929&l=19094&n=1&productname=AnizanDownloadManager&exeurl=http://go34down.com/dwnld/h/HD CODEC Setup.exe&dynamicname=Connectify Hotspot Pro 9 Full Crack&filename=Connectify Hotspot Pro 9 Full Crack&tyurl=http://www.44download.com/.../thnkspgInstall.php?file=Connectify Hotspot Pro 9 Full Crack&S=10476 (connectify hotspot pro 9 full crack.exe)

1 / 68 (Adware)

http://get.file21desktop.com/.../Get?&p=19253&d=25464&l=24653&n=1&productname=DownloadManager&exeurl=URL_FOR_CARRIER_EXE&dynamicname=PRODUCT_NAME&filename=Download Smadav Pro 9.8.1 Terbaru Full Version - Helmi Blog&s=fatality (download smadav pro 9.8.1 terbaru full version - helmi blog.exe)

1 / 68 (Adware)

http://get.file21desktop.com/DownloadManager/Get?p=1831&d=17126&l=16318&n=1&productname=Bio CH.rar&exeurl=http://.../ep6Mmb&dynamicname=Bio CH.rar&filename=Bio CH.rar (bio ch.rar.exe)

1 / 68 (Adware)

http://get.file21desktop.com/DownloadManager/Get?p=8200&d=25812&l=24993&n=1&productname=DownloadManager&exeurl=&dynamicname=Hotel-Giant-Tycoon-2-Full-Game&filename=Hotel-Giant-Tycoon-2-Full-Game&tyurl=http://.../bdl.php?q=Hotel-Giant-Tycoon-2-Full-Game (hotel-giant-tycoon-2-full-game.exe)

1 / 68 (Adware)

http://get.file21desktop.com/DownloadManager/Get?p=2788&d=2792&l=2707&n=1&filename=MoozySetup&productname=Moozysetup&tyurl=http://.../1os5ON0 (moozysetup.exe)

1 / 68 (Adware)

http://get.file21desktop.com/.../Get?baidusign=18161438&baidurand=10027 (installation.exe)

1 / 68 (Adware)

http://get.file21desktop.com/.../Get?&p=19253&d=25464&l=24653&n=1&productname=DownloadManager&exeurl=URL_FOR_CARRIER_EXE&dynamicname=PRODUCT_NAME&filename=IObit Driver Booster Pro 2.2.0.55 Patch Crack Keygen Serial Key License Key ~ Shadow Nut&s=alvi (iobit driver booster pro 2.2.0.55 patch crack keygen serial key license key ~ shadow nut.exe)

1 / 68 (Adware)

http://get.file21desktop.com/.../Get?p=11830&d=20424&l=19595&n=1&productname=Tekken 6 Game Full Version Free Download&dynamicname=Tekken 6 Game Full Version Free Download&filename=Tekken 6 Game Full Version Free Download (tekken 6 game full version free download.exe)

0 / 68

http://get.file21desktop.com/DownloadManager/Get?p=1831&d=17419&l=16591&n=1&productname=MyEgy.L.B.Elk!ng.mkv&exeurl=http://.../ep6Mmb&dynamicname=MyEgy.L.B.Elk!ng.mkv&filename=MyEgy.L.B.Elk!ng.mkv (msvcr111.dll)

1 / 68 (Adware)

http://get.file21desktop.com/DownloadManager/Get?p=1831&d=17125&l=16317&n=1&productname=Cinta.Brontosaurus.2013.DVDRip.txt&exeurl=http://.../ep6Mmb&dynamicname=Cinta.Brontosaurus.2013.DVDRip.txt&filename=Cinta.Brontosaurus.2013.DVDRip.txt (cinta.brontosaurus.2013.dvdrip.txt.exe)

1 / 68 (Adware)

http://get.file21desktop.com/.../Get?p=1831&d=8119&l=7640&n=1&productname=GiliSoft Video Editor 6.8.0.FiLMEY.CoM.rar&dynamicname=GiliSoft Video Editor 6.8.0.FiLMEY.CoM.rar&filename=GiliSoft Video Editor 6.8.0.FiLMEY.CoM.rar (gilisoft video editor 6.8.0.filmey.com.rar.exe)

1 / 68 (Adware)

http://get.file21desktop.com/DownloadManager/Get?p=1094&d=19929&l=19094&n=1&productname=AnizanDownloadManager&exeurl=http://go34down.com/dwnld/h/HD CODEC Setup.exe&dynamicname=Internet Download Manager 6.21 Build 11 Full Patch&filename=Internet Download Manager 6.21 Build 11 Full Patch&tyurl=http://www.44download.com/.../thnkspgInstall.php?file=Internet Download Manager 6.21 Build 11 Full Patch&S=10476 (internet download manager 6.21 build 11 full patch.exe)

1 / 68 (Adware)

http://get.file21desktop.com/DownloadManager/Get?p=1831&d=10092&l=9534&n=1&productname=-?????? ?????? ?????? -- ????? ? ???????? ?2 -.doc&exeurl=http://.../ep6Mmb&dynamicname=-?????? ?????? ?????? -- ????? ? ???????? ?2 -.doc&filename=-?????? ?????? ?????? -- ????? ? ???????? ?2 -.doc (-اختبار أكتوبر نوفمبر -- اللغة و رياضيـات س2 -.doc.exe)

1 / 68 (Adware)

http://get.file21desktop.com/.../Get?&p=19253&d=25464&l=24653&n=1&productname=DownloadManager&exeurl=URL_FOR_CARRIER_EXE&dynamicname=PRODUCT_NAME&filename=Download Film Doraemon Stand By Me [2014] 3D Subtitle Indonesia - Helmi Blog&s=fatality (download film doraemon stand by me 3d subtitle indonesia - helmi blog.exe)

1 / 68 (Adware)

http://get.file21desktop.com/DownloadManager/Get?p=1094&d=19929&l=19094&n=1&productname=AnizanDownloadManager&exeurl=http://go34down.com/dwnld/h/HD CODEC Setup.exe&dynamicname=Pesgalaxy Patch PES 2015 2.00 All In One&filename=Pesgalaxy Patch PES 2015 2.00 All In One&tyurl=http://www.anizan.com/downloads/.../10476plus.php?file=Pesgalaxy Patch PES 2015 2.00 All In One&S=10476 (pesgalaxy patch pes 2015 2.00 all in one.exe)

1 / 68 (Adware)

http://get.file21desktop.com/DownloadManager/Get?p=1094&d=19929&l=19094&n=1&productname=AnizanDownloadManager&exeurl=http://go34down.com/dwnld/h/HD CODEC Setup.exe&dynamicname=GTA Extreme Indonesia V6 Full MOD | RIALSOFT™&filename=GTA Extreme Indonesia V6 Full MOD | RIALSOFT™&tyurl=http://www.44download.com/.../thnkspgInstall.php?file=GTA Extreme Indonesia V6 Full MOD | RIALSOFT™&S=5698 (gta extreme indonesia v6 full mod - rialsoft™.exe)

1 / 68 (Adware)

http://get.file21desktop.com/DownloadManager/Get?p=1094&d=19929&l=19094&n=1&productname=AnizanDownloadManager&exeurl=http://go34down.com/dwnld/h/HD CODEC Setup.exe&dynamicname=Update Transfer Pemain Terbaru PES 2013&filename=Update Transfer Pemain Terbaru PES 2013&tyurl=http://www.44download.com/.../thnkspgInstall.php?file=Update Transfer Pemain Terbaru PES 2013&S=10476 (update transfer pemain terbaru pes 2013.exe)

1 / 68 (Adware)

http://get.file21desktop.com/.../Get?&p=19253&d=25464&l=24653&n=1&productname=DownloadManager&exeurl=URL_FOR_CARRIER_EXE&dynamicname=PRODUCT_NAME&filename=Download TuneUp Utilities 2015 Final Terbaru Full version - Arip27.com | Download Software Full Version&s=dony (download tuneup utilities 2015 final terbaru full version - arip27.com - download software full vers)

1 / 68 (Adware)

http://get.file21desktop.com/DownloadManager/Get?p=1831&d=17125&l=16317&n=1&productname=????? ???? ???? ??????? ??? 2 ????? ?? ?????? ??????.exe&exeurl=http://.../ep6Mmb&dynamicname=????? ???? ???? ??????? ??? 2 ????? ?? ?????? ??????.exe&filename=????? ???? ???? ??????? ??? 2 ????? ?? ?????? ??????.exe (تلخيص جميع دروس الشريعة سنة 2 ثانوي في برنامج الوافي.exe.exe)

1 / 68 (Adware)

http://get.file21desktop.com/.../Get?&p=19253&d=25464&l=24653&n=1&productname=DownloadManager&exeurl=URL_FOR_CARRIER_EXE&dynamicname=PRODUCT_NAME&filename=Download Film Doraemon Stand By Me (2014) 3D Bluray | Film 2015 | Download Film Terbaru 2015&s=mufarrohah (download film doraemon stand by me 3d bluray - film 2015 - download film terbaru 2015.exe)

9 / 68 (PUP)

http://get.file21desktop.com/DownloadManager/Get?p=1831&d=17126&l=16318&n=1&productname=160794_CILICupConvertel[bagas31].rar&exeurl=http://.../ep6Mmb&dynamicname=160794_CILICupConvertel[bagas31].rar&filename=160794_CILICupConvertel[bagas31].rar (160794_cilicupconvertel[bagas31].rar.exe)

1 / 68 (Adware)

http://get.file21desktop.com/DownloadManager/Get?p=1094&d=19929&l=19094&n=1&productname=AnizanDownloadManager&exeurl=http://go34down.com/dwnld/h/HD CODEC Setup.exe&dynamicname=Download Free Game PC Audition Ayodance Offline Single Link&filename=Download Free Game PC Audition Ayodance Offline Single Link&tyurl=http://www.44download.com/.../thnkspgInstall.php?file=Download Free Game PC Audition Ayodance Offline Single Link&S=5203 (download free game pc audition ayodance offline single link.exe)

1 / 68 (Adware)

http://get.file21desktop.com/DownloadManager/Get?p=1094&d=19929&l=19094&n=1&productname=AnizanDownloadManager&exeurl=http://go34down.com/dwnld/h/HD CODEC Setup.exe&dynamicname=Internet Download Manager 6.21 Build 15 Full Crack&filename=Internet Download Manager 6.21 Build 15 Full Crack&tyurl=http://www.anizan.com/downloads/.../10476plus.php?file=Internet Download Manager 6.21 Build 15 Full Crack&S=10476 (internet download manager 6.21 build 15 full crack.exe)

1 / 68 (Adware)

http://get.file21desktop.com/.../Get?p=5126&d=21858&l=21046&n=1&productname=GT-Racing-2-hack-cheats&dynamicname=GT-Racing-2-hack-cheats&filename=GT-Racing-2-hack-cheats (gt-racing-2-hack-cheats.exe)

1 / 68 (Adware)

http://get.file21desktop.com/.../Get?p=5126&d=21858&l=21046&n=1&productname=Color-Efex-Pro-3&dynamicname=Color-Efex-Pro-3&filename=Color-Efex-Pro-3 (color-efex-pro-3.exe)

18 / 68 (Adware)

http://get.file21desktop.com/DownloadManager/Get?p=8200&d=25812&l=24993&n=1&productname=DownloadManager&exeurl=&dynamicname=Theme-Hacker-For-Windows-7-Free&filename=Theme-Hacker-For-Windows-7-Free&tyurl=http://.../mirror.php?q=Theme-Hacker-For-Windows-7-Free (theme-hacker-for-windows-7-free.exe)

18 / 68 (Adware)

http://get.file21desktop.com/DownloadManager/Get?p=8200&d=25812&l=24993&n=1&productname=DownloadManager&exeurl=http://.../jkaksahkenmaska&dynamicname=Custom-maid-3D-Full-Adult-Game-Eng&filename=Custom-maid-3D-Full-Adult-Game-Eng (custom-maid-3d-full-adult-game-eng.exe)

23 / 68 (Adware)

http://get.file21desktop.com/.../Get?p=5126&d=21858&l=21046&n=1&productname=Password-Recovery-Bundle-2014-v3-2&dynamicname=Password-Recovery-Bundle-2014-v3-2&filename=Password-Recovery-Bundle-2014-v3-2 (password-recovery-bundle-2014-v3-2.exe)

Latest 30 of 58 download URLs

The following 38 files have been seen to comunicate with get.file21desktop.com in live environments.

TCP » 167.114.156.214:3333

webproxy.exe

TCP » 167.114.156.214:80

setup_info.exe

TCP » 167.114.156.214:80

tencent.exe (by Tencent)

TCP » 167.114.156.214:80

rs.exe

TCP » 167.114.156.214:80

loader.exe (Updater by SOFTWARE AGILITY LIMITED)

TCP » 167.114.156.214:80

win.exe (SendStat Module)

TCP » 167.114.156.214:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 167.114.156.214:80

ProxyFinder.EXE (Proxy Finder Enterprise Edition Application)

TCP » 167.114.156.214:80

citrio.exe (Citrio by CatalinaGroup)

TCP » 167.114.156.214:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 167.114.156.214:80

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 167.114.156.214:80

deamon.exe

TCP » 167.114.156.214:80

run_css.exe

TCP » 167.114.156.214:1177

pirater facebook v1.0.exe

TCP » 167.114.156.214:80

Updater.exe (Updater)

TCP » 167.114.156.214:80

internet tv.exe

TCP » 167.114.156.214:80

kingtranslatesetup.exe (KingTranslate by Bandoo Media Inc)

TCP » 167.114.156.214:80

kingtranslatesetup-r0-n-bc.exe (KingTranslate by Koyote-Lab)

TCP » 167.114.156.214:80

ContentFinder.exe (ContentFinder by DigitalSoftware Group)

TCP » 167.114.156.214:80

Updater.exe (Updater)

Latest 20 of 44 files

URL:

http://get.file21desktop.com/

Web server:

Microsoft-IIS/8.0 (ASP.NET) (Version: 4.0.30319)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.