The domain get.file4desktop.com registered by OutBrowse was initially registered in February of 2014 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon.com, Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
GODADDY.COM, LLC
Server location:
Virginia, United States (US)
Create date:
Friday, February 7, 2014
Expires date:
Sunday, February 7, 2016
Updated date:
Sunday, February 8, 2015
ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US
Google Safe Browsing:
unwanted
Scanner detections:
Detections (100% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.ClickToStart.K, PUP.ClickToStart.R, PUP.Installer.YESapps, PUP.Outbrowse.Bundler, PUP.Outbrowse.TRUStEdApPsddd.Bundler (M), PUP.Outbrowse.BesTINSTAllTLl.Installer (M), PUP.Outbrowse.TRUStEdA.Bundler (M), PUP.Outbrowse.BesTINST.Bundler (M), PUP.Outbrowse (M)
100.00%
ESET NOD32
Win32/OutBrowse.BK potentially unwanted application, Win32/OutBrowse.BS potentially unwanted application, Win32/OutBrowse.CB potentially unwanted application
37.50%
Emsisoft Anti-Malware
MemScan:Application.Bundler.Outbrowse.V, MemScan:Application.Bundler.JU, Application.Bundler.Outbrowse.BI
37.50%
Dr.Web
Trojan.OutBrowse.51, infected with Trojan.OutBrowse.65, Trojan.OutBrowse.697
37.50%
Lavasoft Ad-Aware
MemScan:Application.Bundler.Outbrowse.V, MemScan:Application.Bundler.JU, Application.Bundler.Outbrowse.BI
37.50%
AVG
Generic, Downloader, Potentially harmful program Downloader.GYI
37.50%
MicroWorld eScan
MemScan:Application.Bundler.Outbrowse.V, MemScan:Application.Bundler.JU, Application.Bundler.Outbrowse.BI
31.25%
Bitdefender
MemScan:Application.Bundler.Outbrowse.V, MemScan:Application.Bundler.JU, Application.Bundler.Outbrowse.BI
31.25%
Avira AntiVirus
APPL/Outbrowse.Gen, APPL/Downloader.Gen, ADWARE/Adware.Gen
31.25%
G Data
MemScan:Application.Bundler.Outbrowse, MemScan:Application.Bundler.JU, Application.Bundler.Outbrowse.BI
31.25%
AhnLab V3 Security
PUP/Win32.OutBrowse
31.25%
F-Secure
Riskware.MemScan:Application.Bundler.Outbrowse, Riskware.MemScan:Application.Bundler.JU
25.00%
Malwarebytes
PUP.Optional.OutBrowse
25.00%
K7 AntiVirus
Unwanted-Program , Trojan
25.00%
Norman
MemScan:Application.Bundler.Outbrowse.V
18.75%
The domain get.file4desktop.com has been seen to resolve to the following 14 IP addresses.
ec2-54-175-102-143.compute-1.amazonaws.com
May 18, 2016
ec2-50-19-244-143.compute-1.amazonaws.com
April 20, 2016
ec2-107-20-138-96.compute-1.amazonaws.com
April 20, 2016
ec2-23-23-233-69.compute-1.amazonaws.com
August 12, 2015
ec2-23-21-219-150.compute-1.amazonaws.com
August 12, 2015
ec2-204-236-230-217.compute-1.amazonaws.com
August 12, 2015
ec2-54-221-242-166.compute-1.amazonaws.com
July 26, 2015
ec2-184-73-218-46.compute-1.amazonaws.com
July 26, 2015
ec2-54-235-106-17.compute-1.amazonaws.com
July 26, 2015
ec2-107-22-168-118.compute-1.amazonaws.com
June 18, 2015
ec2-54-235-221-62.compute-1.amazonaws.com
May 28, 2015
ec2-107-21-109-247.compute-1.amazonaws.com
May 4, 2015
ec2-174-129-208-223.compute-1.amazonaws.com
May 3, 2015
ec2-107-22-195-231.compute-1.amazonaws.com
January 16, 2015
File downloads found at URLs served by get.file4desktop.com.
The following file have been seen to comunicate with get.file4desktop.com in live environments.
URL:
http://get.file4desktop.com/
Network:
Amazon Web Services (AWS), running an EC2 instance
Web server:
Microsoft-IIS/8.0 (ASP.NET) (Version: 4.0.30319)