home

java.joydownload.com.br

JOAO BATISTA SANTANA DA SILVA

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon.com, Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Server location:
Virginia, United States (US)

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Root domain:
joydownload.com.br

Whois:
2 joydownload.com.br records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.InnovativeSystems.R, PUP.InnovativeSystems.Installer (M), PUP.Innovati.Installer (M)
100.00%

VIPRE Antivirus
Threat.4150696, Trojan.Win32.Generic
80.00%

AVG
Generic, Sevas
80.00%

Avira AntiVirus
APPL/Downloader.Gen, ADWARE/InstallCore.Gen9
80.00%

Dr.Web
Adware.Downware.6712, Adware.Downware.5295
60.00%

McAfee
Artemis!79994A15D9CD, Artemis!BADB6A0D2128, Artemis!6637BB1F86E1
60.00%

Malwarebytes
PUP.Optional.OpenCandy, PUP.Optional.Innovative
60.00%

Trend Micro House Call
Suspici.218D75EB, ADW_JOYLOAD
60.00%

IKARUS anti.virus
PUA.JoyDownloader
60.00%

Sophos
Generic PUA IK, Generic PUA PB
60.00%

ESET NOD32
Win32/JoyDownloader.D potentially unwanted application, Win32/InstallCore.QH potentially unwanted application
40.00%

Agnitum Outpost
Riskware.Agent
40.00%

G Data
Win32.Adware.OpenCandy
40.00%

AhnLab V3 Security
PUP/Win32.OpenCandy
40.00%

herdProtect (fuzzy)
a variant of ae3ac2d96654a24f5070b6c9c5ada4da1b89412f, a variant of 5d98e00ba52dc7ecfd16d054b8a17b656b9c7d74
40.00%

The domain java.joydownload.com.br has been seen to resolve to the following 6 IP addresses.

23.21.241.197
ec2-23-21-241-197.compute-1.amazonaws.com
December 1, 2014

23.23.159.111
ec2-23-23-159-111.compute-1.amazonaws.com
December 1, 2014

107.22.254.230
ec2-107-22-254-230.compute-1.amazonaws.com
September 27, 2014

184.73.244.120
ec2-184-73-244-120.compute-1.amazonaws.com
September 27, 2014

23.23.108.120
ec2-23-23-108-120.compute-1.amazonaws.com
September 13, 2014

107.22.195.231
ec2-107-22-195-231.compute-1.amazonaws.com
September 13, 2014

File downloads found at URLs served by java.joydownload.com.br.

1 / 68      (Adware)
http://java.joydownload.com.br/get_file/wUiS4WnYccXEwj 8WvauHEA0kxQ8PDK1GhzzcteQv I253eq ysyl4pHaAW7erC/.../rBQfh4MOw1QR8NHTP9Q==  (jre8u20windowsx64.exe)

18 / 68    (Adware)
http://java.joydownload.com.br/get_file/.../yWn9np5iNENJ1XlarnuNDC2xl5KZyvMQqvyCr5uybhkxMGfBwuV CvzT0zzsmnp0qmEvNKbm2tBs5J1hVBcAT7yGDU2nsAj7G2jDnGSA7ZawtXjNTYCabggJFsFNaXlACUjLJuMNBBhhqLuACckeZf5kuc2BHv56w7dl6ZmApn esGkfSgFi9O2XuMmlQ8U6Zr2zlL5bqBnw3XlQ5MMp4L5H2vi8JuUkD56NvASV49 M30poqbjDxEihBe6xdxWGGE=  (7u65.exe)

14 / 68    (Adware)
http://java.joydownload.com.br/get_file/wUiS4WnYccXAwj uQbjxCggnkkU3LTPkEhr4coOQp h152L0sC8rlY9RagT1Y/j2PHmugA0MIGjPEeqtCrc1watrh8yZDR7HpnOtHk20snm geeL7IzQ1GFL5sxu1woFFz6hDiAg3JY79WjwWWmLA UI2sy4PTEMK7MxJQpJavvlXTl1fsTcJBkji6jiAC1mcoTy2/.../hS2jEcQe5MGxUSyh88jSzz4rPrxCQYU9PXcktOOmFllriByigYIYR3mjFAawqZnu1Q0hP2DP9Q==  (jre8u20windowsx64.exe)

21 / 68    (Adware)
http://java.joydownload.com.br/get_file/wUiS4WnYccXBwj zXP7oQkEsml0kPjq1E1v4YdzZp7dvriWi8yE3iYccJgTtbLHuZSL6kUZTcWmPEfvkQeElyOBqws3eDQqb7XqwTB 17Wm00v/QqtnRmWdJoJIyiBZIVny1Tnpnn4Aj/yHoW3GSA7ZYwtW3bmtSerJxJRoOOb2tFC93PczOYUJ82P6jUW4jfJunmbgnBSqwsVDd3KY4Fpn esGkfXNe3dO2XuMmlQ9Krpr2zlL/ZLgyznLyXIge/.../jocfPxnh1JaRIBo4 M20htOO1FllrjRyikYQQASeiDAv5sZjmxggsOGDP9Q==  (jre8u20windowsx64.exe)

21 / 68    (Adware)
http://java.joydownload.com.br/get_file/wUiS4WnYccXEwj /TeqjC1c0kw48PjymGBjyaNXasOh152b0sCgrn8kFbk3kYqn PXGuyxdSMGmeX621E/Y9wrNyxdSWRAaX9T2uUxqj7TmtgLbbrdPKk2dKs55ziVZIRi/ Xix 18kr9Dn7WHGSA7ZdyM3zY25EKOVjZl1Nb738FXB7ctyUd11znqqnGCQvatqxw Z2BG6woB2WwqszQ9Gve4Gka3tOiZjhSPsv3BcX7ILv1xqtZu93l2v/.../rBQfh4MOw1QR8NHTP9Q==  (jre8u20windowsx64.exe)

14 / 68    (Adware)
http://java.joydownload.com.br/get_file/wUiS4WnYccXEwj 8WvauHEA0kxQ8PDK1GhzzcteQv A8/yWn9np5iNENJ1XlarnuNDC2w15KazrYCeLkErc90bhl1s3eDQ b7WmhWFT8 3G5gefTrNjfmGVZqtY6gV9QCzW1AX1/.../rBQfh4MOw1QR8NHTP9Q==  (jre8u20windowsx64.exe)

7 / 68      (Adware)
http://java.joydownload.com.br/get_ic_file/wUiS4GnYccXEwj 8WvauHEA0kxQ8PDK1GhzzcteQv c8/yan6D1gwJgELEfterL6PnC0xlJcTzGeEKqtH78lhewih5/CWR6avCX8BlT/pnm/mf6SpN3SgzoY/ssiiBZIVnGtGGcmy51q4Sn6XnycQuhbmZXnPzIGYLA0MUFcbL38FXB5ctybblt7zvT2GX8veYHz0eUxDmy6u1GMlvxmFtTkJNClLHta1dO/.../MW5QWvi8JuUkD5 NusWV49 M30nuvDdTFwwnnT1iZkdTnnxc1O1 ti7mVJwYDbWsyke1dPBcDf6KhWMzK9tYkH61CHdFgg1aH5CF5m0wA5cEzOfEanpGYaY90vNns53GudQXzt ZDbOoTmdNqBjQeAFrlP5FRzSlE6TEgqTEH1A3ouvYMAfvduAQFb2WTZlSieXuf48Gjrv0UDzJJ9gbe4JYGMRgg==  (jre8u20windowsx64.exe)

14 / 68    (Adware)
http://java.joydownload.com.br/get_file/wUiS4WnYccXGwj 8XPavWwllklU3NSr9Wk36Jd7T8rpouTq54SB0z8VbZRL1Y/j2PXmuhBBKOSCGGuO1Gac8gLNiztTCRB6avCX/BlSw4SXr1LKSvNKbm2BBs9Vp10dJF3ykACx3lsE79WjwXGmLFuMAnJKjJTxEYro4PRoLMr38FXB5ctybblt7zvT2GX8veYHz0ekzDWC9slGMlvxmFtHkJNClNnta1IK3HuM22URB/.../44JDmzR0kO2DP9Q==  (jre8u20windowsx64.exe)

The following file have been seen to comunicate with java.joydownload.com.br in live environments.

TCP » 23.21.241.197:80
install_flash_player-oc-jd.exe

Facebook:
Shares:  4

Statistics are for the previous month.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.