is.inncdn.com

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain is.inncdn.com is registered by proxy through ENOM, INC. and was originally registered in October of 2012. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Belfast, Northern Ireland within United Kingdom which resides on the RIPE Network Coordination Centre network.
Registrar:
ENOM, INC.

Server location:
Northern Ireland, United Kingdom (GB)

Create date:
Sunday, October 21, 2012

Expires date:
Friday, October 21, 2016

Updated date:
Saturday, December 19, 2015

Root domain:

Scanner detections:
Detections  (97% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.installCore.FITDownloader (M), PUP.FITDownloader.T, PUP.FITDownloader.I, PUP.Installer.QUALITYSCORESL.T, PUP.FITDownloader.P, PUP.Installer.FITDownloader, Threat.Installer.FITDownloader, PUP.installCore.FITDownl (M), PUP.installCore (M)
94.12%

Dr.Web
Trojan.Packed.24524, Trojan.MulDrop5.10078, Trojan.InstallCore.1903
23.53%

Malwarebytes
PUP.Optional.InstallCore, PUP.Optional.InstallCore.A, PUP.Optional.QualityScore
23.53%

K7 Gateway Antivirus
Trojan , Unwanted-Program
20.59%

K7 AntiVirus
Trojan , Unwanted-Program
20.59%

VIPRE Antivirus
Threat.4150696, Threat.4788237, Trojan.Win32.Generic
20.59%

Sophos
Install Core Click run software, PUA 'Install Core Click run software'
20.59%

AVG
Adware InstallCore, Adware InstallCore.LO
20.59%

Avira AntiVirus
ADWARE/InstallCore.Gen9, Adware/InstallCo.zkr, Adware/InstallCore.A.148
20.59%

ESET NOD32
Win32/InstallCore.ON potentially unwanted application, Win32/InstallCore.OX potentially unwanted application, Win32/InstallCore.AFV potentially unwanted application
17.65%

herdProtect (fuzzy)
a variant of f7622a2293750dc0c2c8a82075d391ff4ec11100, a variant of b57b87aa26a6839062484863e9cccc1845f6cae9, a variant of f5f5b9c7671d1185e330f87a98413ea8f65b218b
17.65%

NANO AntiVirus
Riskware.Win32.InstallCore.dfgosv, Riskware.Win32.InstallCore.dfuulp
11.76%

McAfee Web Gateway
BehavesLike.Win32.CryptInno.jc, BehavesLike.Win32.CryptInno.bc, Artemis!38B0899C495E
11.76%

avast!
Win32:Malware-gen, Adware-gen [Adw]
8.82%

Agnitum Outpost
PUA.InstallCore
5.88%

The domain is.inncdn.com has been seen to resolve to the following 6 IP addresses.

unallocated.barefruit.co.uk
May 6, 2015

ec2-54-68-221-84.us-west-2.compute.amazonaws.com
September 30, 2014

ec2-54-201-96-17.us-west-2.compute.amazonaws.com
August 13, 2014

ec2-54-191-124-126.us-west-2.compute.amazonaws.com
August 12, 2014

ec2-54-186-106-124.us-west-2.compute.amazonaws.com
June 5, 2014

ec2-54-187-235-73.us-west-2.compute.amazonaws.com
June 5, 2014

File downloads found at URLs served by is.inncdn.com.

1 / 68      (Adware)
http://is.inncdn.com/?ic_user_id=539  (forumerit_download_manager.exe)

The following 230 files have been seen to comunicate with is.inncdn.com in live environments.

 
Latest 20 of 230 files