new.getapplicationmy.info

WEB PICK - INTERNET HOLDINGS LTD

Domain Information

getapplicationmy.info is a landing page for the download and installation of software wrapped with the WebPick Internet Holdings InstalleRex download manager, which distributes adware web browser extensions and utility offers in the installer. This domain has been known to host and distribute potentially unwanted software. The hosting servers are located in Portland, Oregon, United States, on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the US West (Oregon) region datacenter. The domain is associated with the publisher WEB PICK - INTERNET HOLDINGS LTD, which is located in Ramat Hasharon, Israel.
Remove Malware from new.getapplicationmy.info - Powered by Reason Core Security
Registrar:
EvoPlus Ltd. (R589-LRMS)

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.

Scanner detections:
Detections (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.SergeyPetrov.I, PUP.Optional.SergeyPetrov.n, PUP.SergeyPetrov.Y
100.00%

avast!
Win32:InstalleRex-BI [PUP]
33.33%

AVG
Generic_r.HY
33.33%

Bkav FE
W32.MultiPlugAZ.Adware
33.33%

MicroWorld eScan
Gen:Variant.Adware.Dropper.101
33.33%

McAfee
PUP-FID!3EA3DA69CEC2
33.33%

Malwarebytes
PUP.Optional.MultiPlug.A
33.33%

VIPRE Antivirus
Installerex/WebPick
33.33%

K7 AntiVirus
Adware
33.33%

K7 Gateway Antivirus
Adware
33.33%

NANO AntiVirus
Riskware.Win32.MultiPlug.cvshxw
33.33%

F-Prot
W32/MultiPlug.C.gen
33.33%

Kaspersky
not-a-virus:HEUR:AdWare.Win32.Agent
33.33%

Bitdefender
Gen:Variant.Adware.Dropper.101
33.33%

Agnitum Outpost
PUA.MultiPlug
33.33%

The domain new.getapplicationmy.info has been seen to resolve to the following 2 IP addresses.

ec2-54-186-255-26.us-west-2.compute.amazonaws.com
May 21, 2014

ec2-54-201-215-30.us-west-2.compute.amazonaws.com
March 14, 2014

File downloads found at URLs served by new.getapplicationmy.info.

The following files have been seen to communicate with new.getapplicationmy.info in live environments.

URL:
http://new.getapplicationmy.info/

Title:
“Welcome to nginx!”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
ngx_openresty
