platinumdown.com

Domains By Proxy, LLC (Proxy Registrant)

Domain Information

The domain platinumdown.com is registered by proxy through GODADDY.COM, LLC and was originally registered in July of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Dusseldorf, Nordrhein-Westfalen, Germany, on the RIPE Network Coordination Centre network.
Registrar:
GODADDY.COM, LLC

Server location:
Nordrhein-Westfalen, Germany (DE)

Create date:
Monday, July 01, 2013

Expires date:
Friday, July 01, 2016

Updated date:
Thursday, July 02, 2015

ASN:
AS25074 INETBONE-AS MESH GmbH

Scanner detections:
Detections (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.SITEONSPOT.W, PUP.Installer.SITEONSPOT.b, PUP.Installer.SITEONSPOT.X, PUP.SITEONSPOT.EE, PUP.Installer.SITEONSPOT.Y, PUP.Somoto.Bundler (M), PUP.Somoto.SITEONSPOT.Bundler (M), PUP.Somoto.SITEONSP.Bundler (M), PUP.Somoto (M)
100.00%

Clam AntiVirus
Win.Adware.Somoto
72.22%

Dr.Web
Trojan.Packed.26824, Trojan.Packed.28357
66.67%

Kaspersky
not-a-virus:AdWare.Win32.Agent, not-a-virus:Downloader.NSIS.Mazel
66.67%

VIPRE Antivirus
Trojan.Win32.Generic, BetterInstaller, Threat.4150696
66.67%

Baidu Antivirus
Adware.Win32.Somoto, Adware.Win32.Agent
61.11%

Sophos
Somoto BetterInstaller, Generic PUA OL, Generic PUA IP, PUA 'Somoto BetterInstaller'
55.56%

ESET NOD32
Win32/Somoto
50.00%

MicroWorld eScan
Application.Bundler.Somoto.J, Application.Bundler.Somoto.W
50.00%

Bitdefender
Application.Bundler.Somoto.J, Application.Bundler.Somoto.W
50.00%

NANO AntiVirus
Riskware.Win32.Agent.dbdiac, Riskware.Nsis.Adware.dbnhrj, Riskware.Win32.Downware.digcac
50.00%

F-Secure
Application.Bundler.Somoto.J
50.00%

nProtect
Trojan-Clicker/W32.Agent.222960, Trojan-Clicker/W32.Agent.227048, Trojan-Clicker/W32.Agent.227072, Trojan-Clicker/W32.Agent.225296
44.44%

Lavasoft Ad-Aware
Application.Bundler.Somoto.J
44.44%

Panda Antivirus
Trj/OCJ.F, Trj/CI.A, Trj/Chgt.C, PUP/MultiToolbar.A
44.44%

The domain platinumdown.com has been seen to resolve to the following IP address.

May 31, 2014

File downloads found at URLs served by platinumdown.com.

1 / 68 (Adware)
http://platinumdown.com/.../FLVPlayerSetup-N07szfyIY.exe (7393f6713753745041e7aaf0ded508ca)

1 / 68 (Adware)

1 / 68 (Adware)

28 / 68 (Adware)

24 / 68 (Adware)
http://platinumdown.com/.../FLVPlayerSetup-2hKjZI0W.exe (clickheretodownloadsetup-8behc2ci.exe)

30 / 68 (Adware)

22 / 68 (Adware)

26 / 68 (Adware)

24 / 68 (Adware)

26 / 68 (Adware)

16 / 68 (Adware)
http://platinumdown.com/.../FLVPlayerSetup-NceR4RKw7.exe (ef2519d9a6dcd3a881892bc79e7ac825)

7 / 68 (Adware)

22 / 68 (Adware)

URL:
http://platinumdown.com/

Web server:
nginx