musicdoldin.net

Whois Privacy Protection Service, Inc.  (Proxy Registrant)

Domain Information

The domain musicdoldin.net is registered by proxy through NAME.COM, INC. and was originally registered in March of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Portland, Oregon within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the US West (Oregon) region datacenter.
Remove Malware from musicdoldin.net - Powered by Reason Core Security
Registrar:
NAME.COM, INC.

Server location:
Oregon, United States (US)

Create date:
Thursday, March 27, 2014

Expires date:
Friday, March 27, 2015

Updated date:
Saturday, May 10, 2014

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Adware.WebPick.Installer.I, Adware.WebPick.Installer.i, Adware.WebPick.Installer.DD, Adware.WebPick.Installer.?, Adware.WebPick.Installer.r
100.00%

McAfee
PUP-FHQ!B11EF13D23BE, PUP-FHQ!EB5AD95C80B9, PUP-FHQ!392DC566084C, PUP-FHQ!1676FE22ED17, Program.PUP-FHQ
75.00%

Malwarebytes
PUP.Optional.InstalleRex
75.00%

Kaspersky
Trojan.Win32.AntiFW
75.00%

Comodo Security
Application.Win32.InstalleRex.KG
75.00%

VIPRE Antivirus
Trojan.Win32.Generic, Installerex/WebPick, Threat.4150696
75.00%

McAfee Web Gateway
PUP-FHQ!B11EF13D23BE, PUP-FHQ!EB5AD95C80B9, Heuristic.LooksLike.Win32.Suspicious.B, PUP-FHQ!1676FE22ED17, BehavesLike.Win32.Downloader.fc
75.00%

Kingsoft AntiVirus
Win32.Troj.AntiFW.b.(kcloud)
75.00%

G Data
Win32.Application.InstalleRex, Gen:Variant.Application.Strictor.58380
75.00%

AhnLab V3 Security
PUP/Win32.TSULoader
75.00%

Vba32 AntiVirus
Downloader.AdLoad, AdWare.Agent
75.00%

Rising Antivirus
PE:PUF.InstallRex!1.9E4C, PE:Trojan.DL.Win32.AntiFW.a!1075355932
75.00%

Quick Heal
Trojan.AntiFW.A5
62.50%

NANO AntiVirus
Riskware.Win32.InfoLeak.cvgqot
62.50%

Norman
Genome.GR, Gen:Variant.Application.Strictor.58380
62.50%

The domain musicdoldin.net has been seen to resolve to the following 3 IP addresses.

ec2-54-186-53-99.us-west-2.compute.amazonaws.com
September 15, 2014

May 14, 2014

May 14, 2014

File downloads found at URLs served by musicdoldin.net.

The following file have been seen to comunicate with musicdoldin.net in live environments.

URL:
http://musicdoldin.net/

Title:
“Welcome to nginx!”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
cloudflare-nginx

Remove Malware from musicdoldin.net - Powered by Reason Core Security