getapplicationmy.info

WEB PICK - INTERNET HOLDINGS LTD

Domain Information

getapplicationmy.info is a landing page for the download and installation of software wrapped with the WebPick Internet Holdings InstalleRex download manager, which distributes adware web browser extensions and utility offers in the installer. This domain has been known to host and distribute potentially unwanted software. The hosting servers are located in Ashburn, Virginia, United States, on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform. The domain is associated with the publisher WEB PICK - INTERNET HOLDINGS LTD, which is located in Ramat Hasharon, Israel.
Remove Malware from getapplicationmy.info - Powered by Reason Core Security
Registrar:
EvoPlus Ltd. (R589-LRMS)

Server location:
Virginia, United States (US)

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Scanner detections (97% detected):

Scan engine: Reason Heuristics
Details: Adware.WebPick.Installer.G, Adware.WebPick.Installer.V, Adware.WebPick.Installer.c, Adware.WebPick.Installer.T, Adware.WebPick.Installer.AA, Adware.WebPick.Installer.K, Adware.WebPick.Installer.x, Adware.WebPick.Installer.U, Adware.WebPick.Installer.e, Adware.WebPick.Installer.I, Adware.WebPick.Installer.b, Adware.WebPick.Installer.a, Adware.WebPick.Installer.J, Adware.WebPick.Installer.CC, Adware.WebPick.Installer.N, Adware.WebPick.Installer.S, Adware.WebPick.Installer.R, Adware.WebPick.Installer.r, Adware.WebPick.Installer.v, Adware.WebPick.Installer.H, Adware.WebPick.Installer.Q, Adware.WebPick.Installer.X, PUP.AlexeyKurilenko.CC, Adware.WebPick.Installer.g, Adware.WebPick.Installer.M, PUP.EdwardKosar
Detections: 97.37%

Scan engine: NANO AntiVirus
Details: Riskware.Win32.Downware.crcxkg, Riskware.Win32.InfoLeak.cvgqot, Riskware.Win32.MultiPlug.ddsvpv, Riskware.Win32.Downware.crdwjq
Detections: 78.95%

Scan engine: Avira AntiVirus
Details: Adware/InstallRex.Q, Adware/InstallRex.G, TR/Visucius.20, Adware/InstallRex.fgw, TR/AntiFW.b.116, TR/Kazy.324119.27, Adware/InstallRex.EL
Detections: 78.95%

Scan engine: Comodo Security
Details: Application.Win32.InstalleRex.KG, Application.Win32.GreenApp.RR, Application.Win32.InstalleRex.LL, Application.Win32.Multiplug.CT
Detections: 76.32%

Scan engine: Dr.Web
Details: Adware.Downware.1719, Threat.Undefined, Trojan.WebPick.2452, Trojan.WebPick.2627, Trojan.WebPick.2620, Trojan.WebPick.2579
Detections: 76.32%

Scan engine: Vba32 AntiVirus
Details: Downloader.AdLoad, Downware.TSU, SScope.Adware.MultiPlug, suspected of Heur.Malware-Cryptor.Multiplug
Detections: 76.32%

Scan engine: AVG
Details: MalSign.Generic, Adware BundleApp.EJ, Adware Generic5, Adware Generic_r.VD, Adware Generic6.HUD, Adware Generic6.HTL
Detections: 76.32%

Scan engine: Malwarebytes
Details: PUP.Optional.InstalleRex, PUP.Optional.DownloaderSS, PUP.Optional.MultiPlug
Detections: 73.68%

Scan engine: avast!
Details: Win32:InstalleRex-AI [PUP], Win32:InstalleRex-BW [PUP], Win32:InstalleRex-BO [PUP], Win32:InstalleRex-BX [PUP], Win32:InstalleRex-CA [PUP]
Detections: 73.68%

Scan engine: VIPRE Antivirus
Details: Installerex/WebPick, Threat.4150696, Threat.4753027, Threat.4786450, Trojan.Win32.Generic, Threat.14871, Threat.4726519
Detections: 73.68%

Scan engine: ESET NOD32
Details: Win32/InstalleRex.M potentially unwanted application, Win32/InstalleRex.L potentially unwanted application, Win32/AdWare.MultiPlug.CN application, Win32/Adware.MultiPlug.ED application
Detections: 73.68%

Scan engine: Kaspersky
Details: not-a-virus:Downloader.Win32.AdLoad, Trojan.Win32.AntiFW, not-a-virus:AdWare.Win32.MultiPlug
Detections: 71.05%

Scan engine: Sophos
Details: InstallRex, MultiPlug, Virus 'W32/Patched-I', PUA 'MultiPlug' (of type Adware), PUA 'InstallRex'
Detections: 71.05%

Scan engine: Antiy Labs AVL
Details: RiskWare[Downloader:not-a-virus,HEUR]/Win32.AdLoad, Trojan/Win32.AntiFW.b, Trojan/Win32.TSGeneric, GrayWare[AdWare:not-a-virus]/Win32.MultiPlug
Detections: 68.42%

Scan engine: Kingsoft AntiVirus
Details: Win32.Troj.DownAdLoad.f.(kcloud), Win32.Troj.AntiFW.b.(kcloud), Win32.Troj.MultiPlug.bw.(kcloud)
Detections: 65.79%

The domain getapplicationmy.info has been seen to resolve to the following 17 IP addresses.


File downloads found at URLs served by getapplicationmy.info.

20 / 68    (PUP)

 
Latest 30 of 45 download URLs

URL:
http://getapplicationmy.info/

Title:
“Welcome to nginx!”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
openresty
