» getfile.eu
Overview
Analysis
IPs Addresses (5)
Downloads (46)
Network (41)
Website Detail
Related Domains (618)

getfile.eu

NOT DISCLOSED! (Proxy Registrant)

Domain Information

The domain getfile.eu is registered by proxy through Domain Robot. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Beaumaris, Victoria within Australia which resides on the Asia Pacific Network Information Centre network.

Registrant:

NOT DISCLOSED!

Registrar:

Domain Robot

Server location:

Victoria, Australia (AU)

ASN:

AS133618 TRELLIAN-AS-AP Trellian Pty. Limited,AU

Whois:

2 getfile.eu records

Scanner detections:

Detections (95% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.CORLEONGROUP.I, PUP.CORLEONGROUP.EE, PUP.CORLEONGROUP.?, PUP.CORLEONGROUP.N, PUP.CORLEONGROUP.S, PUP.InstallMonster.CORLEONGROUP (M), PUP.InstallMonster.CORLEONG (M), Threat.Win.Reputation.IMP, PUP.InstallMonster (M)

87.80%

ESET NOD32

Win32/InstallMonstr.CG potentially unwanted application, Win32/InstallMonstr.K potentially unwanted application, Win32/InstallMonstr.AC potentially unwanted application, Win32/InstallMonstr.C potentially unwanted application, Win32/InstallMonstr.H potentially unwanted application, Win32/InstallMonstr.M potentially unwanted application

26.83%

avast!

InstallMonstr-DY [PUP], InstallMonstr-AV [PUP], Win32:InstallMonstr-DK [PUP], Win32:InstallMonstr-AS [PUP], Win32:InstallMonstr-DL [PUP]

21.95%

VIPRE Antivirus

Threat.4845009, Threat.4150696

19.51%

Norman

InstallMonster.B, InstallMonstr.END, Gen:Variant.Strictor.49307, Gen:Variant.Adware.Symmi.26393, Gen:Variant.Zusy.81977

14.63%

Dr.Web

Trojan.InstallMonster.51, Trojan.InstallMonster.19, Trojan.InstallMonster.89, Trojan.InstallMonster.21, Trojan.InstallMonster.38

12.20%

Avira AntiVirus

APPL/InstallMonst.QA, APPL/InstallMonster.Gen, ADWARE/Adware.Gen

12.20%

Emsisoft Anti-Malware

Gen:Variant.Adware.Symmi.41729, Gen:Adware.SMSHoax, Gen:Variant.Strictor.49307, Gen:Variant.Adware.Strictor.40958

12.20%

MicroWorld eScan

Gen:Variant.Adware.Symmi.41729, Gen:Adware.SMSHoax.7, Gen:Variant.Strictor.49307

9.76%

NANO AntiVirus

Trojan.Win32.InstallMonster.dbipfy, Trojan.Win32.Monstruos.cukizd, Trojan.Win32.ArchSMS.dmnyfy

9.76%

Bitdefender

Gen:Variant.Adware.Symmi.41729, Gen:Adware.SMSHoax.7, Gen:Variant.Strictor.49307

9.76%

Agnitum Outpost

Riskware.Agent, PUA.Downloader, Trojan.Agent

9.76%

G Data

Gen:Variant.Adware.Symmi.41729, Gen:Adware.SMSHoax, Gen:Variant.Strictor.49307

9.76%

Rising Antivirus

PE:Malware.InstallMonstr!6.38, PE:Adware.SMSHoax!6.1370, PE:Trojan.StartPage!6.216

9.76%

AVG

Trojan horse FakeAV.ASLA, Trojan horse Generic34.AYMK, PSW.Banker6, Adware BundleApp.LY

9.76%

The domain getfile.eu has been seen to resolve to the following 5 IP addresses.

70.32.1.32

ip-70.32.1.32.hosted.by.gigenet.com

September 14, 2016

103.224.182.251

lb-182-251.above.com

October 29, 2015

69.43.161.180

September 2, 2014

5.149.255.141

April 14, 2014

5.149.255.112

March 27, 2014

File downloads found at URLs served by getfile.eu.

1 / 68 (Adware)

http://getfile.eu/get_file/?sid=23&url=http://stream.get-tune.net/listen/108608233/63432325/788160356/.../Neizvestnyj_ispolnitel_-_jay-z_featuring_blackstreetclub_pacha_moscowloc_dog_feat._mashadj_levnyusha-_(get-tune.net).mp3&name=Neizvestnyj_ispolnitel_-_jay-z_featuring_blackstreetclub_pacha_moscowloc_dog_feat._mashadj_levnyusha-_(get-tune.net).mp3&type=mp3&size=9453649 (16af01c6e2984e7f65db3ce6ea7e899f)

1 / 68 (Adware)

http://getfile.eu/get_file/?sid=23&url=http://stream.get-tune.net/listen/225270995/211147213/3645021474/.../AK-47_-_2013_(get-tune.net).mp3&name=AK-47_-_2013_(get-tune.net).mp3&type=mp3&size=5527131 (ak-47_-_2013_(get-tune.net).exe)

1 / 68 (Adware)

http://getfile.eu/get_file/?sid=15&url=http://.../go.php?id=544656&name=Grand Theft Auto 5.exe&type=setup&size=6291456 (72d949968322dbcf6c580da2d7a7e391)

1 / 68 (Adware)

http://getfile.eu/get_file/?sid=802&url=http://vpleer.ru/download/.../?cs=1-27v4&d=p25&audio=bce0683c3172a9&song=Ruby-Stinge Lumina&name=ruby-stinge-lumina&type=audio&size= (ruby-stinge-lumina.exe)

1 / 68 (Adware)

http://getfile.eu/get_file/?sid=802&url=http://muzico.ru/download/.../?cs=1-30v4&d=p28&audio=53fe2d0beaf66f&song=Adriana Antoni-Inima mea [download-muzica.ro]&name=adriana-antoni-inima-mea-download-muzicaro&type=audio&size= (adriana-antoni-inima-mea-download-muzicaro.exe)

5 / 68 (PUP)

http://getfile.eu/get_file/?sid=23&url=http://stream.get-tune.net/listen/187469401/132364696/624209438/.../Natali_-_Rington-_Natali_O_Bozhe_Kakoj_Muzhchina_O_Bozhe_Kakoj_Muzhchina_(get-tune.net).mp3&name=Natali_-_Rington-_Natali_O_Bozhe_Kakoj_Muzhchina_O_Bozhe_Kakoj_Muzhchina_(get-tune.net).mp3&type=mp3&size=4499882 (natali_-_rington-_natali_o_bozhe_kakoj_muzhchina_o_bozhe_kakoj_muzhchina_(get-tune.net).exe)

1 / 68 (Adware)

http://getfile.eu/get_file/?sid=23&url=http://stream.get-tune.net/listen/123873072/135231558/1833640625/.../Armenchik_-_Qez_Sirelov_new_2011_(get-tune.net).mp3&name=Armenchik_-_Qez_Sirelov_new_2011_(get-tune.net).mp3&type=mp3&size=3404062 (armenchik_-_qez_sirelov_new_2011_(get-tune.net).exe)

1 / 68 (Adware)

http://getfile.eu/get_file/?sid=23&url=http://stream.get-tune.net/listen/96408331/36902109/3161716547/.../ZAV_Djan_-_harsaniqi_par_(get-tune.net).mp3&name=ZAV_Djan_-_harsaniqi_par_(get-tune.net).mp3&type=mp3&size=3796887 (zav_djan_-_harsaniqi_par_(get-tune.net).exe)

1 / 68 (Adware)

http://getfile.eu/get_file/?sid=802&url=http://mpoisk.com/download/.../?cs=1-42v4&d=p14&audio=afe722f668d9dc&song=???? ???? (???? ?????)-Chga Kizi Nman&name=sayat-nova-nune-esayan-chga-kizi-nman&type=audio&size= (sayat-nova-nune-esayan-chga-kizi-nman.exe)

1 / 68 (Adware)

http://getfile.eu/get_file/?sid=23&url=http://stream.get-tune.net/listen/82354010/54911951/1602669750/.../Natal_ya_Maj_-_Ne_zhuris_(get-tune.net).mp3&name=Natal_ya_Maj_-_Ne_zhuris_(get-tune.net).mp3&type=mp3&size=5468085 (natal_ya_maj_-_ne_zhuris_(get-tune.net).exe)

1 / 68 (Adware)

http://getfile.eu/get_file/?sid=23&url=http://stream.get-tune.net/listen/233537839/40695567/2152085524/.../Oleg_Kenzov_-_U_menya_byl_seks_novaya_versiya_(get-tune.net).mp3&name=Oleg_Kenzov_-_U_menya_byl_seks_novaya_versiya_(get-tune.net).mp3&type=mp3&size=8361330 (oleg_kenzov_-_u_menya_byl_seks_novaya_versiya_(get-tune.net).exe)

1 / 68 (Malware)

http://getfile.eu/get_file/?sid=802&url=http://mpoisk.com/download/.../?cs=5971v4&u=2801968&audio=ce6284fc8a5d&song=Tata Simonyan Dzyunanush-??? ????????&name=tata-simonyan-dzyunanush-bez-nazvaniya&type=audio&size= (tata-simonyan-dzyunanush-bez-nazvaniya.exe)

1 / 68 (Malware)

http://getfile.eu/get_file/?sid=802&url=http://vpleer.ru/download/.../?cs=1-51v4&d=p19&audio=c93bdf53f2f294&song=????????? ??????-????? ??? ? ??? ??????)))&name=diskoteka-avariya-noviy-god-k-nam-mchitsya&type=audio&size= (diskoteka-avariya-noviy-god-k-nam-mchitsya.exe)

1 / 68 (Adware)

http://getfile.eu/get_file/?sid=491&url=http://sprashka.ucoz.ru/.../0-0-0-393-20&name=???????? ?????????&type=powerpoint&size=1.06Mb (клещевой инцефалит.exe)

2 / 68 (PUP)

http://getfile.eu/get_file/?sid=1200&url=http://rghost.ru/download/47374945/.../vksaver.exe&name=vksaver.exe&type=setup&size=3145728 (a87d686d0ec9a6f02f7f8debb186e8f3)

2 / 68 (inconclusive)

http://getfile.eu/get_file/?sid=23&url=http://stream.get-tune.net/listen/215732642/-38834713/1841881456/.../Hans_Zimmer_-_10._Finale_OST-HD_Odinokij_Rejndzher_The_Lone_Ranger_Official_2013_(get-tune.net).mp3&name=Hans_Zimmer_-_10._Finale_OST-HD_Odinokij_Rejndzher_The_Lone_Ranger_Official_2013_(get-tune.net).mp3&type=mp3&size=5255608 (hans_zimmer_-_10._finale_ost-hd_odinokij_rejndzher_the_lone_ranger_official_2013_(get-tune.net).exe)

1 / 68 (Adware)

http://getfile.eu/get_file/?sid=802&url=http://mpoisk.com/download/.../?cs=1-37v4&d=p14&audio=303715c7a46d6e&song=??? ??? ????? ????? 2010-? ???? ?????, i love you&name=hit-lav-radio-osenj-2010-ya-tebya-lyublyu-i-love-you&type=audio&size= (hit-lav-radio-osenj-2010-ya-tebya-lyublyu-i-love-you.exe)

1 / 68 (Adware)

http://getfile.eu/get_file/?sid=802&url=http://mpoisk.com/download/.../?cs=1-30v4&d=p5&audio=7cc3e03b5fa4d3&song=?????-??????? ???, ??????&name=artur-schastje-moe-privet&type=audio&size= (artur-schastje-moe-privet.exe)

1 / 68 (Adware)

http://getfile.eu/get_file/?sid=802&url=http://mpoisk.com/download/.../?cs=1-15v4&d=p20&audio=91895596affe33&song=????? ????-- ??????? ??? ??????&name=artur-best-schastje-moe-privet&type=audio&size= (artur-best-schastje-moe-privet.exe)

1 / 68 (Adware)

http://getfile.eu/.../?j=c2lkPTIzNjkmdXJsPWh0dHAlM0ElMkYlMkY3bWluZWNyYWZ0LnJ1JTJGbG9hZCUyRjAtMC0wLTM2NC0yMCZuYW1lPVNwaW5vJ3MrVmVoaWNsZXMrKCVEMCU5QyVEMCVCRSVEMCVCNCslRDAlQkQlRDAlQjArJUQwJUJDJUQwJUIwJUQxJTg4JUQwJUI4JUQwJUJEJUQxJThCKSsxLjYuMiZ0eXBlPXVuZGVmaW5lZCZzaXplPTEuMjNNYg (spino's vehicles (мод на машины) 1.6.exe)

1 / 68 (Adware)

1 / 68 (Adware)

http://getfile.eu/.../?j=c2lkPTIyODkmdXJsPWh0dHAlM0ElMkYlMkZpc3RvcnJlbnQucnUlMkZsb2FkJTJGMC0wLTEtNi0yMCZuYW1lPUZJRkErMjAxNCZ0eXBlPXVuZGVmaW5lZCZzaXplPQ (fifa 2014.exe)

6 / 68 (PUP)

http://getfile.eu/get_file/?sid=500&url=http://torrent-trek.at.ua/.../0-0-0-343-20&name=Sims 3&type=torrent&size=28.4Kb (sims 3.exe)

1 / 68 (Adware)

http://getfile.eu/get_file/?sid=23&url=http://stream.get-tune.net/listen/139405067/75616100/1600738131/.../..._-_._._.Ona_ne_lyubit_slezy_no_vsyo_zhe_plachet_nochami_stoya_u_okna_Ona_yasna_kak_gryozy_Ona_tak_(get-tune.net).mp3&name=..._-_._._.Ona_ne_lyubit_slezy_no_vsyo_zhe_plachet_nochami_stoya_u_okna_Ona_yasna_kak_gryozy_Ona_tak_(get-tune.net).mp3&type=mp3&size=4059752 (c2b482c69333869174cd863e485295ee)

1 / 68 (Adware)

http://getfile.eu/.../?j=c2lkPTIwOTgmdXJsPWh0dHAlM0ElMkYlMkZ3d3cucHJvdWQtcG9ydGFsLnJ1JTJGbG9hZCUyRjAtMC0wLTM2MC0yMCZuYW1lPSVEMSU4MiVEMCVCNSVEMCVCQiVEMCVCNSVEMCVCRiVEMCVCRSVEMSU4MCVEMSU4MislRDAlQjIrbWluZWNyYWZ0JnR5cGU9dW5kZWZpbmVkJnNpemU9 (телепорт в minecraft.exe)

4 / 68 (PUP)

http://getfile.eu/get_file/?sid=190&url=http://torrentsfiles.ru/.../0-0-0-1361-20&name=????????? ????????. ??????????? ????????&type=torrent&size=17.3Kb (симулятор вождения.exe)

2 / 68 (Adware)

http://getfile.eu/get_file/?sid=23&url=http://stream.get-tune.net/listen/107775124/6073196/88939804/.../Javier_Navarrete_-_OST_El_laberinto_del_fauno_Odin_iz_luchshih_saundtrekov_poslednih_let._Oskar_20_(get-tune.net).mp3&name=Javier_Navarrete_-_OST_El_laberinto_del_fauno_Odin_iz_luchshih_saundtrekov_poslednih_let._Oskar_20_(get-tune.net).mp3&type=mp3&size=3343679 (c461590de6039784f01c29446160f222)

1 / 68 (Adware)

http://getfile.eu/get_file/?sid=26&url=http://file.xmusic.me/mp3/222375052/113188149/2959605930/.../Vladimer_Zaharov_i_Anya_Vorobej_-_A_ty_ves_posidel..._(xMusic.me).mp3&name=Vladimer_Zaharov_i_Anya_Vorobej_-_A_ty_ves_posidel..._(xMusic.me).mp3&type=mp3&size=3914607 (vladimer_zaharov_i_anya_vorobej_-_a_ty_ves_posidel..._(xmusic.me).exe)

1 / 68 (Adware)

http://getfile.eu/get_file/?sid=23&url=http://stream.get-tune.net/listen/123173170/22030319/779305763/.../Tihaya_i_spokojnaya_muzyka_-_tipa_spokojnoj_nochki_poslushaj_i_zasypaj_spokojno_Minus-_minusovki_laza_(get-tune.net).mp3&name=Tihaya_i_spokojnaya_muzyka_-_tipa_spokojnoj_nochki_poslushaj_i_zasypaj_spokojno_Minus-_minusovki_laza_(get-tune.net).mp3&type=mp3&size=8059964 (0cf2f6b1c2c6a436f4f1065d10246cac)

1 / 68 (Adware)

http://getfile.eu/.../?j=c2lkPTg1NyZ1cmw9aHR0cCUzQSUyRiUyRnRlbXktd2luZG93czcucnUlMkZsb2FkJTJGMC0wLTAtMTI2LTIwJm5hbWU9U291bmRzK1BhY2smdHlwZT11bmRlZmluZWQmc2l6ZT0zLjUzTWI (sounds pack.exe)

Latest 30 of 46 download URLs

The following 41 files have been seen to comunicate with getfile.eu in live environments.

TCP » 103.224.182.251:80

updater.exe

TCP » 103.224.182.251:80

beegccajcc.exe

TCP » 70.32.1.32:80

trusted saver-updater.exe (Trusted Saver)

TCP » 70.32.1.32:80

ea778645-acd3-4ff9-b713-d5fa4ab4ed81-7.exe (OMG-Music+_05 by BND_C)

TCP » 103.224.182.251:80

befadegfdg_p.exe

TCP » 103.224.182.251:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 70.32.1.32:80

3006.exe (CinemaPlus-4.5vV28.05 by Cinema PlusV28.05)

TCP » 70.32.1.32:80

945c0e10-1e56-4743-9d6c-14d08bdeed9b-1-7.exe (App Lid by Lid)

TCP » 70.32.1.32:80

citrio.exe (Citrio by CatalinaGroup)

TCP » 103.224.182.251:80

bedjhddhbj.exe

TCP » 103.224.182.251:80

online-guardian-v2.0.9.exe

TCP » 103.224.182.251:80

TeknoMW3.exe (TeknoMW3 by TeknoGods)

TCP » 103.224.182.251:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 70.32.1.32:80

1975.exe (CinemaPlus-3.2cV26.05 by Cinema PlusV26.05)

TCP » 70.32.1.32:80

plus-hd-2.3-updater.exe (Plus-HD-2.3 by Plus HD)

TCP » 70.32.1.32:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 70.32.1.32:80

Traffic Exchange Updater.exe (Traffic Exchange by Microleaves)

TCP » 70.32.1.32:80

hdvid codec v1-updater.exe (HDvid Codec V1 by installdaddy)

TCP » 70.32.1.32:80

6ed2b960-c61c-44c2-a90e-f4d0681bb4fb-1-7.exe (CinemaPlus-3.2cV25.05 by Cinema PlusV25.05)

TCP » 70.32.1.32:443

vosteran.exe

Latest 20 of 42 files

URL:

http://getfile.eu/

Google Analytics:

UA-48689684

Title:

“getfile.eu - getfile Resources and Information.”

Description:

“getfile.eu is your first and best source for all of the information you’re looking for. From general topics to more of what you would expect to find here, getfile.eu has it all. We hope you find what you are searching for!”

Web server:

Apache/2.2.22 (Debian)

Related Domains

1freesoftwareonline.com

antivirus-gratuit.pro

anyras.com

app-mak.com

appapia.com

30 of 618 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.