home

musicdoldin.net

Whois Privacy Protection Service, Inc.  (Proxy Registrant)

Domain Information

The domain musicdoldin.net is registered by proxy through NAME.COM, INC. and was originally registered in March of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Portland, Oregon within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the US West (Oregon) region datacenter.
Registrar:
NAME.COM, INC.

Server location:
Oregon, United States (US)

Create date:
Thursday, March 27, 2014

Expires date:
Friday, March 27, 2015

Updated date:
Saturday, May 10, 2014

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Whois:
1 musicdoldin.net record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Adware.WebPick.Installer.I, Adware.WebPick.Installer.i, Adware.WebPick.Installer.DD, Adware.WebPick.Installer.?, Adware.WebPick.Installer.r, Adware.WebPick.Installer (M), Adware (M)
100.00%

McAfee
PUP-FHQ!B11EF13D23BE, PUP-FHQ!EB5AD95C80B9, PUP-FHQ!392DC566084C, PUP-FHQ!1676FE22ED17, Program.PUP-FHQ
50.00%

Malwarebytes
PUP.Optional.InstalleRex
50.00%

Kaspersky
Trojan.Win32.AntiFW
50.00%

Comodo Security
Application.Win32.InstalleRex.KG
50.00%

VIPRE Antivirus
Trojan.Win32.Generic, Installerex/WebPick, Threat.4150696
50.00%

G Data
Win32.Application.InstalleRex, Gen:Variant.Application.Strictor.58380
50.00%

AhnLab V3 Security
PUP/Win32.TSULoader
50.00%

Vba32 AntiVirus
Downloader.AdLoad, AdWare.Agent
50.00%

Rising Antivirus
PE:PUF.InstallRex!1.9E4C, PE:Trojan.DL.Win32.AntiFW.a!1075355932
50.00%

Quick Heal
Trojan.AntiFW.A5
41.67%

NANO AntiVirus
Riskware.Win32.InfoLeak.cvgqot
41.67%

Norman
Genome.GR, Gen:Variant.Application.Strictor.58380
41.67%

Agnitum Outpost
Trojan.AntiFW
41.67%

Sophos
InstallRex, PUA 'InstallRex'
41.67%

The domain musicdoldin.net has been seen to resolve to the following 3 IP addresses.

54.186.53.99
ec2-54-186-53-99.us-west-2.compute.amazonaws.com
September 15, 2014

141.101.116.92
May 14, 2014

141.101.117.92
May 14, 2014

File downloads found at URLs served by musicdoldin.net.

1 / 68      (Adware)
http://musicdoldin.net/.../?&q=Download&product_name=Download&installer_file_name=Download&external_id=1400004525371416882&self_redirect=1  (download.exe)

1 / 68      (Adware)
http://musicdoldin.net/.../?&q=Download&product_name=Download&installer_file_name=Download&external_id=1399880491908457643&self_redirect=1  (download.exe)

1 / 68      (Adware)
http://musicdoldin.net/.../?&q=Download&product_name=Download&installer_file_name=Download&external_id=1399892469949974126  (download.exe)

1 / 68      (Adware)
http://musicdoldin.net/.../?&q=song&product_name=song&installer_file_name=song&q=song&external_id=1399826945379974766&self_redirect=1  (song.exe)

33 / 68    (Adware)
http://musicdoldin.net/.../?&q=Neat Video 3 1 Pro For After Effects Windows.rar&product_name=Neat Video 3 1 Pro For After Effects Windows.rar&installer_file_name=Neat Video 3 1 Pro For After Effects Windows.rar&q=Neat Video 3 1 Pro For After Effects Windows.rar&external_id=1399809070853189946&self_redirect=1  (neat video 3 1 pro for after effects windows.rar.exe)

33 / 68    (Adware)
http://musicdoldin.net/download/.../?q=Download&product_name=Download&installer_file_name=Download&affiliate_id=nstst&aff_id=nstst&external_id=1400000198749637667&self_redirect=1&filesize=&uuid=aVbkOvUpNQbVSS74bcW61k5iOAT5YzqxPUSL1ldU1zaSSd0qUc9asjRhde2gI0RQFdL1a5OQUzrj3nNJd4TDR0OTy44xS0HlnsAzfFsh1zmd4NVmhrh4YdHnPXLLXX2nf6gtNgT81t4Q5NClPx2pQYFMvCrQ4agphGqKo8ouYeFyAou1znsPrOW44MNS4QBlOaV4A3P87JuZEqD9JWHsynLSXx7U8Q3yBV93APyfMWiEOjXMyW610CBoXqNaF1QM3U6UT0Z23Q6lYOUb3o3irlaIKqY7XUgHyePhJdYkK877I5Kqfv3Yb0Y6NNgc0yvzODbj2t7NrZiB0S54MB4QUYFIWwkkSGpMsktz4NoOQq6C1dmuAxDcTVXpDHGKtrKXXWMiO1XUQ1kgGxDFe2iGmzaLS1nidztqu1aB1TcmmMVYzU1eU1e3zSOxbRbhYQ8SNGzwXVHbjq4GgQGP7vwbWmXqSYF55YeM0y8iZ3In5meqI4CZqaxWLQb1k9Y0SSrBENIVtnrBItLqdgah1iJ04VtjyIBIlxuOkB65rLmy7kIaxEAQt6W3OTxynwpvvetx60eqgEwYyBbxudtjD7TTvCMvjnnylt8ne1J2EIpcsDHjYvAGb076NK2DI8Qj94PbT0SMI9ko2ciAfEbEtWi9v5G7TOtqdffFIkYumegVMfDUDXC3wNYeDesomBV5pLXoDd9S0jzlDjDNEyp5dxu3TVGUcLsusA383oaHDAsMDkPMcB8yADlpzkgAuYHmjojgzU9w3kaLPoWTVEteiJcJ98HxSOu5oeOUtXJv5  (download.exe)

33 / 68    (Adware)
http://musicdoldin.net/.../?&q=Download&product_name=Download&installer_file_name=Download&affiliate_id=nstst&aff_id=nstst&external_id=1400000198749637667&self_redirect=1  (download.exe)

35 / 68    (Adware)
http://musicdoldin.net/.../?&q=Adobe Illustrator CC.17.1 Multilingual MacOSX - P2P&product_name=Adobe Illustrator CC.17.1 Multilingual MacOSX - P2P&installer_file_name=Adobe Illustrator CC.17.1 Multilingual MacOSX - P2P&q=Adobe Illustrator CC.17.1 Multilingual MacOSX - P2P&external_id=1399822772903330261&self_redirect=1  (adobe illustrator cc.17.1 multilingual macosx - p2p.exe)

21 / 68    (Adware)
http://musicdoldin.net/download/.../?q=Aiseesoft Blu-ray Player 6.2.32 Full Crack&q=Aiseesoft Blu-ray Player 6.2.32 Full Crack&product_name=Aiseesoft Blu-ray Player 6.2.32 Full Crack&installer_file_name=Aiseesoft Blu-ray Player 6.2.32 Full Crack&affiliate_id=puresofts&external_id=1399836270108750107&self_redirect=1&filesize=&uuid=sO05nhF6Jqx8BcEayETAilu6wiqY8io46V42dACIUmCyGTgmTDeJpRrroQWU5SnOk4M5sBve2B5kYYnTU5oorwhfsTWCIWcqnsQWyaGdw0HMNmE8Jjs2UazwvOUMHor7ot2B1yoUilZoJ7vhpVqiqjdR4VuvcKqD2zxSgGhxVCrFqCoek6sfom5hRKAFniuVCvQetzUfalhJQvhShmANuDsEaWpAms48BBXNTSG30mu5Bpgy2cr23jlXqsxNTXTCXh2ZeXFt9q45nm7JpH0ulHTztsKq1VPqfpAHLdeOPJe7P4hgjyLPzEwUXbBXQZON1xsLUlTqL3D1IyFdIG7hVa69t9dzV27R6TEh6OAuK4OH2igMoh4kGS6TFpSM4vuvyRuWM12XlQSa4iUGvIqr10HegbkQMxO20Q8CMWIIN6MEghhoLLCkgCObS4xhjAeC8ElvxcBORInUva6NtUMJNydpyRktU1euDdKASRVH0OugTZxcD3tb6t42OMEHIXfjp6ppztSumOIYPk7jlaJcvVVrBVxKJnpyBeGS4maKPI119zX34aoKy9FvyFJUAI7VmFbfhY7BOhaDRlHzXZjevFrKW3rDooxVtuxxeEpVzJk83VmxpHFK6NyR6ZojdEu9j3xiSsbJvsscrLWW4GuuNgHzb0  (aiseesoft blu-ray player 6.2.32 full crack.exe)

11 / 68    (Adware)
http://musicdoldin.net/.../?&q=TrpMix.Com.Clib.Elmadf3gya.Na7No.Atyna.Deizel-Kanka-Shendey-Dolsika.ft.MP3.BY.Hema4Ever.rar&product_name=TrpMix.Com.Clib.Elmadf3gya.Na7No.Atyna.Deizel-Kanka-Shendey-Dolsika.ft.MP3.BY.Hema4Ever.rar&installer_file_name=TrpMix.Com.Clib.Elmadf3gya.Na7No.Atyna.Deizel-Kanka-Shendey-Dolsika.ft.MP3.BY.Hema4Ever.rar&q=TrpMix.Com.Clib.Elmadf3gya.Na7No.Atyna.Deizel-Kanka-Shendey-Dolsika.ft.MP3.BY.Hema4Ever.rar&external_id=1399765549044561920&self_redirect=1  (trpmix.com.clib.elmadf3gya.na7no.atyna.deizel-kanka-shendey-dolsika.ft.mp3.by.hema4ever.rar.exe)

21 / 68    (Adware)
http://musicdoldin.net/.../?&q=MOD plugin.video.live.streams.zip&product_name=MOD plugin.video.live.streams.zip&installer_file_name=MOD plugin.video.live.streams.zip&q=MOD plugin.video.live.streams.zip&external_id=1400024073676923739&self_redirect=1  (mod plugin.video.live.streams.zip.exe)

1 / 68      (Adware)
http://musicdoldin.net/.../?&q=D49DADBEB7693C288CB4627B7D68A979EDE502BD&product_name=D49DADBEB7693C288CB4627B7D68A979EDE502BD&installer_file_name=D49DADBEB7693C288CB4627B7D68A979EDE502BD&q=D49DADBEB7693C288CB4627B7D68A979EDE502BD&external_id=1399758607189418422&self_redirect=1  (d49dadbeb7693c288cb4627b7d68a979ede502bd.exe)

21 / 68    (Adware)
http://musicdoldin.net/.../?&q=Aiseesoft Blu-ray Player 6.2.32 Full Crack&product_name=Aiseesoft Blu-ray Player 6.2.32 Full Crack&installer_file_name=Aiseesoft Blu-ray Player 6.2.32 Full Crack&&q=Aiseesoft Blu-ray Player 6.2.32 Full Crack&affiliate_id=puresofts&external_id=1399836270108750107&self_redirect=1  (aiseesoft blu-ray player 6.2.32 full crack.exe)

1 / 68      (Adware)
http://musicdoldin.net/.../?&q=Download&product_name=Download&installer_file_name=Download&external_id=1399895776519731366&self_redirect=1  (download.exe)

The following file have been seen to comunicate with musicdoldin.net in live environments.

TCP » 54.186.53.99:80
fl studio 11 producer edition registry crck.rar.exe (StarApp)

URL:
http://musicdoldin.net/

Title:
“Welcome to nginx!”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
cloudflare-nginx

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.