mirror.frogdownload.com

Somoto Ltd.  (via a Proxy Registrant)

Domain Information

frogdownload.com is the file server that hosts adware bundlers for the FilesFrog.com service run by Somoto. The domain mirror.frogdownload.com is registered by proxy through GODADDY.COM, LLC and was originally registered in May of 2012. This domain has been seen distributing various forms of adware (some being very aggressive) directly or via bundled installations. The hosted servers are located in Haarlem, Noord-Holland within Netherlands which resides on the RIPE Network Coordination Centre network. The domain is associated with the publisher Somoto Ltd. who is located in Tel Aviv, Israel.
Remove Malware from mirror.frogdownload.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Noord-Holland, Netherlands (NL)

Create date:
Sunday, May 20, 2012

Expires date:
Friday, May 20, 2016

Updated date:
Thursday, May 22, 2014

ASN:
AS16265 LEASEWEB-NETWORK LeaseWeb B.V.,NL

Root domain:

Google Safe Browsing:
unwanted

Scanner detections:
Adware distribution

Scan engine
Details
Detections

ESET NOD32
Win32/OpenCandy, Win32/Bunndle (variant)
100.00%

Trend Micro House Call
ADW_OPENCANDY, TROJ_FAKEALERT.BMH, TROJ_GEN.R0CBC0ELA13, TROJ_GEN.F47V0829
100.00%

Malwarebytes
PUP.Optional.OpenCandy, Trojan.FakeTor
75.00%

Rising Antivirus
PE:PUF.OpenCandy!1.9DE5
75.00%

Bkav FE
W32.Clodabf.Trojan, W32.Clodc5c.Trojan
50.00%

Trend Micro
ADW_OPENCANDY, TROJ_GEN.R0CBC0ELA13
50.00%

Vba32 AntiVirus
AdWare.OpenCandy, Adware.iBryte
50.00%

Agnitum Outpost
Adware.OpenCandy
25.00%

XVirus List
Win.Detected
25.00%

Dr.Web
Adware.OpenCandy.3
25.00%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud)
25.00%

The Hacker
Trojan/Downloader.Zurgop.aw
25.00%

MicroWorld eScan
Trojan.Generic.9795664
25.00%

McAfee
Artemis!C769093B2C7E
25.00%

Norman
Troj_Generic.NUGRV
25.00%

The domain mirror.frogdownload.com has been seen to resolve to the following 4 IP addresses.

December 2, 2014

February 6, 2014

January 31, 2014

July 28, 2013

File downloads found at URLs served by mirror.frogdownload.com.

URL:
http://mirror.frogdownload.com/

Google Analytics:
UA-31912921

Title:
“Software and Driver Updates - FilesFrog.com”

Description:
“Software and driver downloads. The latest software updates, versions and downloads for Windows.”

Web server:
nginx

Remove Malware from mirror.frogdownload.com - Powered by Reason Core Security