it.pc-file.info

FIRSERIA, S.L.  (via a Proxy Registrant)

Domain Information

The domain it.pc-file.info is registered by proxy through GoDaddy.com, LLC. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States. The domain uses the Amazon Web Services (AWS) cloud computing platform. The domain is associated with the publisher FIRSERIA, S.L. who is located in Badalona, Barcelona in Spain.
Registrar:
GoDaddy.com, LLC

Server location:
Virginia, United States (US)

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Root domain:

Google Safe Browsing:
phishing

Scanner detections:
Detections  (96% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.FIRSERIASL.DD, PUP.Installer.AppsInstallerSL.G, PUP.Solimba.FIRSERIA.Bundler (M), PUP.Solimba.Bechiro.Bundler (M), PUP.Solimba.RAPIDDOWN.Bundler (M), PUP.Solimba.AppsInst.Bundler (M), PUP.Solimba.EilioDev.Installer (M), Threat.Win.Reputation.IMP, PUP.Solimba.RAPIDDOW.Bundler (M), PUP.Solimba (M)
92.59%

ESET NOD32
Win32/FirseriaInstaller.G potentially unwanted application, Detection.Undefined, MSIL/Solimba.AH potentially unwanted application
18.52%

avast!
Win32:Adware-BQN [Trj], MSIL:Solimba-Z [PUP], Morstar-U [PUP], Win32:Installer-I [PUP]
14.81%

VIPRE Antivirus
Threat.4895151, Threat.4150696, DownloadMR
14.81%

AVG
Adware BundleApp.BJ, Adware BundleApp_r.AV, Adware Skodna.Generic, Adware Skodna.Bundle.BD
14.81%

Dr.Web
Adware.Downware.2640, Adware.Downware.8763, Adware.Downware.1302, Adware.InstallCore.125, Adware.InstallCore.122
14.81%

Sophos
Solimba Installer, PUA 'Solimba Installer'
11.11%

Malwarebytes
PUP.Optional.AppsInstaller, PUP.Optional.Solimba
7.41%

K7 AntiVirus
Trojan , Unwanted-Program
7.41%

K7 Gateway Antivirus
Trojan , Unwanted-Program
7.41%

F-Prot
W32/Morstar.B.gen, W32/InstallCore.R.gen
7.41%

Agnitum Outpost
PUA.Firseria, PUA.Solimba
7.41%

Comodo Security
Application.Win32.FirseriaInstaller.RRB, Application.Win32.Solimba.L
7.41%

Avira AntiVirus
APPL/Firseria.A.6, PUA/Solimba.Gen
7.41%

G Data
Win32.Application.Morstar, Win32.Application.Solimba
7.41%

The domain it.pc-file.info has been seen to resolve to the following 7 IP addresses.

ec2-52-20-26-1.compute-1.amazonaws.com
May 30, 2016

ec2-54-210-177-99.compute-1.amazonaws.com
April 3, 2016

ec2-52-86-173-174.compute-1.amazonaws.com
April 3, 2016

ec2-54-164-36-16.compute-1.amazonaws.com
February 16, 2016

ec2-52-2-153-162.compute-1.amazonaws.com
February 16, 2016

ec2-23-23-84-67.compute-1.amazonaws.com
June 5, 2014

ec2-107-22-251-68.compute-1.amazonaws.com
December 26, 2013

File downloads found at URLs served by it.pc-file.info.

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Malware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

7 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

2 / 68      (inconclusive)

1 / 68      (Adware)

1 / 68      (Adware)

25 / 68    (Adware)

10 / 68    (PUP)

1 / 68      (Adware)

1 / 68      (Adware)

18 / 68    (Adware)

1 / 68      (Adware)

URL:
http://it.pc-file.info/

Google Analytics:
UA-40922796

Title:
“PC-File”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx

Facebook:
Shares:  1

Statistics are for the previous month.