install-cdn.surftastic.net

Yontoo LLC  (via a Proxy Registrant)

Domain Information

install-cdn.surftastic.net is operated by Sambreel's (now QuestPoint) subsidiary Yontoo. The domain install-cdn.surftastic.net is registered by proxy through GODADDY.COM, LLC and was originally registered in December of 2013. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Cambridge, Massachusetts within the United States which resides on the Akamai Technologies, Inc. network. The domain is associated with the publisher Yontoo LLC who is located in Carlsbad, California in the United States.
Registrar:
GODADDY.COM, LLC

Server location:
Massachusetts, United States (US)

Create date:
Friday, December 20, 2013

Expires date:
Tuesday, December 20, 2016

Updated date:
Monday, December 21, 2015

ASN:
AS20940 AKAMAI-ASN1 Akamai International B.V.

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Surftastic.F, PUP.Installer.Surftastic.P
100.00%

Dr.Web
Trojan.BPlug.20
100.00%

Rising Antivirus
NS:PUF.SilenceInstaller!1.9DDF
100.00%

McAfee
Artemis!2A8635B0D2B1, Artemis!5C86DE89F627, Artemis!EBDB54DA5AC6, Artemis!2E7404845219, Artemis!F5D1D8F426C8
83.33%

Malwarebytes
PUP.Optional.Surftastic.A
66.67%

NANO AntiVirus
Riskware.Win32.Agent.cqycvd
66.67%

Trend Micro House Call
TROJ_GE.E3BEBB0B, TROJ_GEN.F47V0401, TROJ_GEN.F47V0226, TROJ_GEN.F47V0323
66.67%

Kaspersky
not-a-virus:AdWare.Win32.Agent
66.67%

Comodo Security
Application.Win32.Altbrowse.AK
66.67%

VIPRE Antivirus
Adware.Agent, Yontoo
66.67%

Sophos
Generic PUA OA, Generic PUA NE, Generic PUA AF, Generic PUA IB
66.67%

Kingsoft AntiVirus
Win32.Troj.Agent.ah.(kcloud), VIRUS_UNKNOWN
66.67%

ESET NOD32
Win32/BrowseFox (variant)
66.67%

Fortinet FortiGate
Adware/Agent, Riskware/BrowseFox
66.67%

McAfee Web Gateway
Artemis!5C86DE89F627, Artemis!EBDB54DA5AC6, Artemis!2E7404845219, Artemis!F5D1D8F426C8
66.67%

The domain install-cdn.surftastic.net has been seen to resolve to the following 12 IP addresses.

a104-96-220-243.deploy.static.akamaitechnologies.com
May 24, 2016

a104-96-220-203.deploy.static.akamaitechnologies.com
May 24, 2016

a23-220-148-34.deploy.static.akamaitechnologies.com
May 20, 2016

a23-220-148-24.deploy.static.akamaitechnologies.com
May 20, 2016

a23-0-160-96.deploy.static.akamaitechnologies.com
April 7, 2016

a23-0-160-89.deploy.static.akamaitechnologies.com
April 7, 2016

April 6, 2016

April 6, 2016

a23-67-242-121.deploy.static.akamaitechnologies.com
April 11, 2014

a23-67-242-129.deploy.static.akamaitechnologies.com
April 11, 2014

March 20, 2014

a23-67-242-11.deploy.static.akamaitechnologies.com
March 20, 2014

File downloads found at URLs served by install-cdn.surftastic.net.

16 / 68    (Adware)
http://install-cdn.surftastic.net/setup.exe  (c9c6882b050416c17f100111dd3330c7)

16 / 68    (Adware)
http://install-cdn.surftastic.net/setup.exe  (5c86de89f627731c0805849249ff247e)

21 / 68    (Adware)
http://install-cdn.surftastic.net/setup.exe  (ebdb54da5ac601c93be758711f3c4985)

31 / 68    (Adware)
http://install-cdn.surftastic.net/setup.exe  (f5d1d8f426c85a1f36ccd7ee6161444c)

7 / 68      (Adware)

5 / 68      (Adware)

The following 86 files have been seen to comunicate with install-cdn.surftastic.net in live environments.

 
Latest 20 of 86 files

URL:
http://install-cdn.surftastic.net/

Web server:
Microsoft-IIS/7.5 (ASP.NET)

30 of 37 related domains