is.inncdn.com

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain is.inncdn.com is registered by proxy through ENOM, INC. and was originally registered in October of 2012. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Belfast, Northern Ireland within United Kingdom which resides on the RIPE Network Coordination Centre network.
Remove Malware from is.inncdn.com - Powered by Reason Core Security
Registrar:
ENOM, INC.

Server location:
Northern Ireland, United Kingdom (GB)

Create date:
Sunday, October 21, 2012

Expires date:
Wednesday, October 21, 2015

Updated date:
Wednesday, September 24, 2014

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

K7 Gateway Antivirus
Trojan , Unwanted-Program
87.50%

K7 AntiVirus
Trojan , Unwanted-Program
87.50%

VIPRE Antivirus
Threat.4150696, Threat.4788237, Trojan.Win32.Generic
87.50%

Sophos
Install Core Click run software, PUA 'Install Core Click run software'
87.50%

AVG
Adware InstallCore, Adware InstallCore.LO
87.50%

Dr.Web
Trojan.Packed.24524, Trojan.MulDrop5.10078
87.50%

Malwarebytes
PUP.Optional.InstallCore, PUP.Optional.InstallCore.A
87.50%

Avira AntiVirus
ADWARE/InstallCore.Gen9, Adware/InstallCo.zkr, Adware/InstallCore.A.148
87.50%

Reason Heuristics
PUP.installCore.FITDownloader (M), PUP.FITDownloader.T, PUP.FITDownloader.I, PUP.FITDownloader.P, PUP.Installer.FITDownloader, Threat.Installer.FITDownloader
75.00%

herdProtect (fuzzy)
a variant of f7622a2293750dc0c2c8a82075d391ff4ec11100, a variant of b57b87aa26a6839062484863e9cccc1845f6cae9, a variant of f5f5b9c7671d1185e330f87a98413ea8f65b218b
75.00%

ESET NOD32
Win32/InstallCore.ON potentially unwanted application, Win32/InstallCore.OX potentially unwanted application
62.50%

NANO AntiVirus
Riskware.Win32.InstallCore.dfgosv, Riskware.Win32.InstallCore.dfuulp
50.00%

McAfee Web Gateway
BehavesLike.Win32.CryptInno.jc, BehavesLike.Win32.CryptInno.bc, Artemis!38B0899C495E
50.00%

Agnitum Outpost
PUA.InstallCore
25.00%

Vba32 AntiVirus
Downware.InstallCore
25.00%

The domain is.inncdn.com has been seen to resolve to the following 6 IP addresses.

unallocated.barefruit.co.uk
May 6, 2015

ec2-54-68-221-84.us-west-2.compute.amazonaws.com
September 30, 2014

ec2-54-201-96-17.us-west-2.compute.amazonaws.com
August 13, 2014

ec2-54-191-124-126.us-west-2.compute.amazonaws.com
August 12, 2014

ec2-54-186-106-124.us-west-2.compute.amazonaws.com
June 5, 2014

ec2-54-187-235-73.us-west-2.compute.amazonaws.com
June 5, 2014

File downloads found at URLs served by is.inncdn.com.

17 / 68    (Adware)
http://is.inncdn.com/?ic_user_id=539  (microsoft-visual-basic.exe)

16 / 68    (Adware)

13 / 68    (Adware)
http://is.inncdn.com/?ic_user_id=539  (doro-pdf-writer.exe)

16 / 68    (Adware)

13 / 68    (Adware)
http://is.inncdn.com/?ic_user_id=539  (adblock-plus-chrome.exe)

10 / 68    (Adware)
http://is.inncdn.com/?ic_user_id=539  (forumerit_download_manager.exe)

10 / 68    (Adware)

1 / 68      (Adware)
http://is.inncdn.com/?ic_user_id=539  (microsoft-office-2007.exe)

The following 137 files have been seen to comunicate with is.inncdn.com in live environments.

 
Latest 20 of 137 files

URL:
http://is.inncdn.com/

Web server:
nginx/1.0.15

Remove Malware from is.inncdn.com - Powered by Reason Core Security