home

msn-messenger.joydownload.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain msn-messenger.joydownload.com is registered by proxy through GODADDY.COM, LLC and was originally registered in March of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
GODADDY.COM, LLC

Server location:
Virginia, United States (US)

Create date:
Monday, March 18, 2013

Expires date:
Saturday, March 18, 2017

Updated date:
Thursday, January 28, 2016

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Root domain:
joydownload.com

Whois:
2 joydownload.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.InnovativeSystems.EE, PUP.InnovativeSystems.Installer (M)
100.00%

Trend Micro House Call
Suspici.F184F561
66.67%

avast!
Win32:Adware-gen [Adw]
66.67%

Dr.Web
Adware.Downware.5295
66.67%

ESET NOD32
Win32/JoyDownloader
66.67%

McAfee
Artemis!9B391BCEAB0C
33.33%

Malwarebytes
PUP.Optional.OpenCandy
33.33%

VIPRE Antivirus
Trojan.Win32.Generic
33.33%

AVG
Sevas
33.33%

herdProtect (fuzzy)
a variant of db0cbad173ee4d1393cd9bb4fdcc6a4cd35ea430
33.33%

The domain msn-messenger.joydownload.com has been seen to resolve to the following 4 IP addresses.

50.19.96.56
ec2-50-19-96-56.compute-1.amazonaws.com
April 12, 2016

54.225.168.223
ec2-54-225-168-223.compute-1.amazonaws.com
April 12, 2016

107.22.254.230
ec2-107-22-254-230.compute-1.amazonaws.com
September 21, 2014

184.73.244.120
ec2-184-73-244-120.compute-1.amazonaws.com
September 21, 2014

File downloads found at URLs served by msn-messenger.joydownload.com.

1 / 68      (Adware)
http://msn-messenger.joydownload.com/get_azure_file/wUiS4WnYccXDyCf4UfO5CV530RJ0YyqsWxLzY9bB6KBo8Dir4SsnlYxbb1XsK7H NWH4hEZTcWmNEfumCr50yb1q1pDEW1mD9GzyD079qib81eiM 5qbxD0c9NcthEhFSnO5Cj13kNM5 TX6RGORQrxCnY 0JTxEYro4PVhWZ738FXB6ctzHIx0riLPvUSwjcpenma1sTDyouQPFnfttA5K/.../h0r6arh 1CalCd0bt5OpSDrjtpuCkygpb7FRTsc3P3Ux5r37SU8jnB3z3d9OASjoFAawqZnu1Ux8amDP4WAV1prZMni6GgLPg7l1bgjikniJUFVyKmhUWg==  (msn-messenger-7-7.5.0324 7.0.0820.exe)

1 / 68      (Adware)
http://msn-messenger.joydownload.com/get_azure_file/wUiS4WnYccXDyCf4UfO5CV530RJ0YyqsWxLzY9bB6KBo8Dir4SsnlYxbb1XsK7H/NWH/mQBKOTqGGuLkErY90eA5kNSWRAaT9T36CFT8 3G8geeX943KmiBBpJ8iilFLXHG1AX1/lsk7oWjoUSCTR7ZOj56/Y2hAK6s5bBINOb2zEmh0O8TPLAkjnqqnGCUvasWrhf8 TWO/uEjGmfllAIC2M8ioZWMJl4HkX7w2lEQf7Iz8jlz6a6N0lyflCclX/.../s nhFp7aSeGpW0J2sfWLnKrR0XNmP1haRzw3SPXGl99PGhUWg==  (msn-messenger-7-7.5.0324 7.0.0820.exe)

1 / 68      (Adware)
http://msn-messenger.joydownload.com/get_azure_file/wUiS4WnYccXBwj sXP7oQkEsnV0kNjyuEB/ga5/ZtukkrTyqsGMxwd4EP07ibrL4LXj/ylZSIDzPCeLkErI90f45mpLCQE D9GzyCkzl7TP/0reEvNKBm2JPoJI5hlxDVH6sSTR2ntFwp3/.../cK9rly kB99N6dm7XXnhsZGOz2R1db0AT4I3Kyl87LbyXwhqzRyy3c9AGj7qRQfyo5D2k1Zmfi6V8S9WgcvYc3ipRkvP1bkhdF llmKCWl1gK2hUWg==  (msn-messenger-7-7.5.0324 7.0.0820.exe)

14 / 68    (Adware)
http://msn-messenger.joydownload.com/get_file/wUiS4WnYccXAwj 1RrjxCgghkkVxZmbzR1 xcteQv E8/yG6sGMxwdoEP0b1Y/j2O3mulg0EZ3GHWOOkEL8lnvo 2ZvIRE/EoXitTlvwpXyhjuvRrdvcinhMv5Uug11AVGjyQmtnn4Aj CHoDyvZGf4J2sy4PTYDaL4zLhAONK78FXB eMTcckJhzP21W2NnJJf5kuc0DWOo7xmRgaI5R9HoLpX7LWNXnMu F/.../44JDnzR1lZybWsyke2NPBOXeuTEXPg7l1agjilniDFgFsY3tUWg==  (msn-messenger-7-7.5.0324++7.0.0820.exe)

URL:
http://msn-messenger.joydownload.com/

Title:
“MSN Messenger - Download MSN Messenger 7.5 in english on JoyDownload”

Description:
“MSN Messenger, also known as Windows Live Messenger, is a traditional instant messaging client with new built-in features - Download MSN Messenger latest version here.”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx/1.9.12 (PHP/5.3.10-1ubuntu3.21)

Facebook:
Likes:  16
Shares:  40
Comments:  2

Statistics are for the previous month.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.