mediafiretrend.com

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain mediafiretrend.com is registered by proxy through ENOM, INC. and was originally registered in October of 2010. This domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are located in Dallas, Texas, in the United States, on the SoftLayer Technologies Inc. network.
Registrar:
ENOM, INC.

Server location:
Texas, United States (US)

Create date:
Monday, October 04, 2010

Expires date:
Tuesday, October 04, 2016

Updated date:
Sunday, October 04, 2015

ASN:
AS36351 SOFTLAYER - SoftLayer Technologies Inc.

Scanner detections:
Detections  (94% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Amonetizeltd.?, PUP.Installer.Amonetizeltd.h, PUP.OutBrowse (M), PUP.Amonetize (M), PUP.Amonetize.Bundler (M), PUP.InstallMonster.PlatynumKLABAITITOV (M), PUP.InstallMonster.Platynum (M), PUP.InstallMonster.NODASOFT (M), PUP.InstallMonster.Torgivel, PUP.InstallMonster.SmartKom.Meta (M), Adware.Amonetize.Meta (M), PUP (M), Adware.Amonetize (M)
96.97%

Dr.Web
Adware.Downware.1655, infected with Trojan.Amonetize.4075, infected with Trojan.OutBrowse.1611, infected with Trojan.Amonetize.10504
15.15%

McAfee
Artemis!0FA6618F5009, Artemis!C8605A25CA2D, Trojan.Artemis!727F56B1AC79, Program.Adware-OutBrowse.h
12.12%

Sophos
Amonetize, Generic PUA MK (PUA)
9.09%

VIPRE Antivirus
Amonetize
9.09%

McAfee Web Gateway
Artemis!0FA6618F5009, Artemis!C8605A25CA2D
9.09%

ESET NOD32
Win32/Amonetize.HG potentially unwanted application, Win32/OutBrowse.BZ potentially unwanted application, Win32/Amonetize.LF potentially unwanted application
9.09%

Kaspersky
not-a-virus:AdWare.Win32.Amonetize, not-a-virus:AdWare.Win32.OutBrowse, not-a-virus:Downloader.Win32.AdLoad
9.09%

Malwarebytes
PUP.Optional.InstallMonetizer
6.06%

K7 Gateway Antivirus
Trojan , Unwanted-Program
6.06%

K7 AntiVirus
Trojan , Unwanted-Program
6.06%

Trend Micro House Call
TROJ_GEN.F47V1205, TROJ_GEN.F47V1219
6.06%

ESET NOD32
Win32/Amonetize (variant), Win32/Amonetize.AA (variant)
6.06%

IKARUS anti.virus
Win32.SuspectCrc, Virus.Win32.Dropper
6.06%

Fortinet FortiGate
Riskware/Amonetize, Adware/Amonetize
6.06%

The domain mediafiretrend.com has been seen to resolve to the following 2 IP addresses.

mediafiretrend.com
February 13, 2016

mediafiretrend.com
February 6, 2014

File downloads found at URLs served by mediafiretrend.com.

1 / 68      (PUP)
http://mediafiretrend.com/cx.php?q=chem dse 2013 answer  (chemdseanswer__15022_i1606789888_il2275323.exe.rar)

1 / 68      (Malware)

1 / 68      (Malware)

1 / 68      (PUP)
http://mediafiretrend.com/cx.php?q=pokemon fire red randomizer download  (pokemonfireredrandomizerdownload__15022_i1611242805_il1965503.exe.rar)

1 / 68      (PUP)
http://mediafiretrend.com/c.php?q=pokemon fire red randomizer download  (pokemonfireredrandomizerdownload__15022_i1611246554_il1965503.exe.rar)

1 / 68      (PUP)

1 / 68      (PUP)
http://mediafiretrend.com/cx.php?q=prop hunt  (prophunt__15022_i1608559843_il2652176.exe.rar)

1 / 68      (PUP)
http://mediafiretrend.com/cx.php?react=1&q=Prop Hunt.rar  (prophuntrar__15022_i1608560912_il2652438.exe.rar)

1 / 68      (PUP)

1 / 68      (PUP)
http://mediafiretrend.com/cx.php?q=team extreme minecraft launcher download  (team extreme minecraft launcher download.exe)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)
http://mediafiretrend.com/cx.php?q=mediafire five nights at freddy s danlowen  (mediafire five nights at freddy s danlowen.exe)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

0 / 68
http://mediafiretrend.com/c.php?q=tba june  (tbajune__15047_i1598214846_il138169.exe.rar)

1 / 68      (Adware)
http://mediafiretrend.com/c.php?q=slender man pobierz  (slender man pobierz__4326_il5448633.exe)

7 / 68      (PUP)
http://mediafiretrend.com/cx.php?react=1&q=Steam Codes.exe  (steam codes.exe__15022_i1732540490_il699020.ace)

7 / 68      (PUP)

20 / 68    (PUP)
http://mediafiretrend.com/cx.php?q=http verified download com file 03i96c  (httpverifieddownloadcomfileic__15047_i1598099336_il112685.exe.rar)

12 / 68    (Adware)
http://mediafiretrend.com/c.php?q=shanks mihawk doujinshi free  (pcoptimizer__2681_i203679652_il12331542.exe)

 
Latest 30 of 35 download URLs

The following 6 files have been seen to communicate with mediafiretrend.com in live environments.

URL:
http://mediafiretrend.com/

Google Analytics:
UA-508314

Title:
“Mediafire search, mediafire search engine - Direct download links from mediafire.com”

Web server:
Apache

Facebook:
Likes:  13,245
Shares:  434
Comments:  98

Statistics above are for the previous month of May 2017.