home

secure.letigerfastcdn.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain secure.letigerfastcdn.com is registered by proxy through GODADDY.COM, LLC and was originally registered in December of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in San Jose, California within the United States which resides on the CDNetworks Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
California, United States (US)

Create date:
Wednesday, December 4, 2013

Expires date:
Thursday, December 4, 2014

Updated date:
Wednesday, December 4, 2013

ASN:
AS36408 CDNETWORKSUS-02 - CDNetworks Inc.,US

Root domain:
letigerfastcdn.com

Whois:
2 letigerfastcdn.com records

Scanner detections:
Detections  (97% detected)

Scan engine
Details
Detections

Rising Antivirus
PE:Trojan.Win32.Generic.13FF7F71!335511409, NS:PUF.SilenceInstaller!1.9DDF, PE:Trojan.Win32.Generic.16F9B8E1!385464545
76.92%

McAfee
Artemis!C6CB73697362, OneInstaller, Artemis!D941EF050346, Artemis!07363E8279EC, RDN/Generic PUP.x!chk, RDN/Generic PUP.z!ec, Artemis!787D8A30B176, Artemis!9A3C28A2966B, Artemis!C37003A04EA8, Artemis!96078ABFD661, Artemis!A7153AED0050, Adware-Monetizer, Artemis!BD30980654C7, RDN/Downloader.a!ry, Artemis!A08A49C4ACBD
74.36%

Dr.Web
Adware.Downware.1243, Trojan.MulDrop4.22250, Program.Unwanted.40, Adware.Downware.918, Threat.Undefined, Adware.Downware.4473
66.67%

ESET NOD32
Win32/InstallMonetizer.AG, MSIL/AdvancedSystemProtector (variant), Win32/InstallMonetizer.AZ, Win32/InstallMonetizer.BB
66.67%

Trend Micro House Call
Suspicious_GEN.F47V0610, Suspicious_GEN.F47V0625, TROJ_GEN.R047H06G314, TROJ_GEN.R047H06G214, TROJ_GEN.R0CBH06G414, TROJ_GEN.R047H06G914
66.67%

Malwarebytes
PUP.Optional.InstallMonetizer.NS, PUP.Optional.SilenceInstaller.A, PUP.Optional.Installcore
64.10%

avast!
NSIS:Downloader-ZK [PUP], Win32:Malware-gen, Win32:Adware-gen [Adw], InstMonetizer-BC [PUP], NSIS:Adware-OI [PUP], NSIS:InstMonetizer-BC [PUP]
53.85%

Baidu Antivirus
Trojan.MSIL.AdvancedSystemProtector, Adware.Win32.InstallMonetizer, Adware.Win32.InstallCore, PUA.Win32.VMDetector
51.28%

NANO AntiVirus
Trojan.Win32.MulDrop4.cfecrq, Trojan.Nsis.OneInstaller.dbpzbw, Riskware.Win32.MLW.ddylkr
46.15%

VIPRE Antivirus
InstallMonetizer, Trojan.Win32.Generic, Threat.4150696, Adware.Monetizer
46.15%

IKARUS anti.virus
AdWare.Win32.InstallMonetizer
43.59%

Reason Heuristics
PUP.Installer.BrowserDistributionServices.V, PUP.Installer.Applon.Y, PUP.Yawtix.G, PUP.StartInstall., PUP.StartInstall.Y, PUP.InstallManager.Meta (M), PUP.GameVicio.Installer.Meta (M)
41.03%

Sophos
Generic Bundleware, Generic PUA DP, Generic PUA PN, Generic PUA AM, Generic PUA FG, Generic PUA LM, AppMonetizer Installer
28.21%

AVG
MultiBundle.D, Generic, AdInstaller
23.08%

Avira AntiVirus
TR/Mitglieder.1440907, APPL/Downloader.Gen
15.38%

The domain secure.letigerfastcdn.com has been seen to resolve to the following 9 IP addresses.

66.114.52.21
October 24, 2014

66.114.52.20
October 24, 2014

174.35.73.200
September 5, 2014

174.35.73.135
September 4, 2014

174.35.73.199
September 4, 2014

174.35.73.204
September 4, 2014

174.35.73.97
September 4, 2014

66.114.52.15
September 4, 2014

66.114.52.14
September 4, 2014

File downloads found at URLs served by secure.letigerfastcdn.com.

11 / 68    (PUP)
http://secure.letigerfastcdn.com/nsi/.../Bing_Real_Bar_195.exe  (6a96b844b4018be76001a082197c97fb)

8 / 68      (PUP)
http://secure.letigerfastcdn.com/nsi/.../InstallMonetizer_Bundle_Jun_2014_9570.exe  (ac6637289786e99169fe1008e45fa635)

14 / 68    (PUP)
http://secure.letigerfastcdn.com/nsi/.../VuuPC_VO2_8907.exe  (c37003a04ea8d6b401bb2287b9db751e)

16 / 68    (PUP)
http://secure.letigerfastcdn.com/nsi/.../Flvto_Converter_7428.exe  (5bf570077820c035974a7e7d8ceec88c)

4 / 68      (inconclusive)
http://secure.letigerfastcdn.com/.../rcpsetup_17970HD.exe  (2d6ce916b05eb234b37563f64c324554)

10 / 68    (PUP)
http://secure.letigerfastcdn.com/nsi/.../Tiny_download_manager_7956.exe  (a08a49c4acbdecc5b2753ea0bd5253be)

11 / 68    (Malware)
http://secure.letigerfastcdn.com/.../SpeedConverterNuPC_WW5_RM.exe  (72cec604157960993f7e2973e746b6cb)

1 / 68      (PUP)
http://secure.letigerfastcdn.com/nsi/.../MyPhoneExplorer_v2_5185.exe  (7db6fce52f083cd2a588122e4fad4b47)

4 / 68      (Adware)
http://secure.letigerfastcdn.com/.../Yawtix.exe  (8fab6fdb4b65375d6890ed097c49e46b)

19 / 68    (PUP)
http://secure.letigerfastcdn.com/nsi/.../ch_first_test_2114.exe  (bd30980654c7f76e4239fc7730ee2948)

21 / 68    (PUP)
http://secure.letigerfastcdn.com/nsi/.../PDFCreator_Stub_5874.exe  (c6cb736973621eb747e5b18b6a5e1572)

10 / 68    (PUP)
http://secure.letigerfastcdn.com/.../InstallMonetizer_DNTM.exe  (c3b2305c10a0580b7b3700ad92b0bdf3)

3 / 68      (PUP)
http://secure.letigerfastcdn.com/.../amsetup__activeris_default.exe  (995e879a7604c8c9995f4948cf8fc096)

2 / 68      (Adware)
http://secure.letigerfastcdn.com/.../distro-meta-installer.exe  (9fa2740f52e87d0c8ccfca7d5997254d)

14 / 68    (PUP)
http://secure.letigerfastcdn.com/.../rcpsetup_17970HD_v2.exe  (91102b0503898852bd6f1f4f867272cd)

1 / 68      (Adware)
http://secure.letigerfastcdn.com/.../SmartMediaConverterSetup.exe  (5e9cc14490b1ccf155b352cdf41fef5d)

17 / 68    (Adware)
http://secure.letigerfastcdn.com/nsi/.../Flash_Click_to_Safe_Install_____________YA_9698_GC.exe  (6b7684842db56a958c7fcac8d0e5ca3d)

10 / 68    (Adware)
http://secure.letigerfastcdn.com/nsi/.../Chrome_AC_9652_176681_GC.exe  (96078abfd661cc55fe7d560e3abf7ad7)

8 / 68      (Adware)
http://secure.letigerfastcdn.com/nsi/.../Flash___Click_To_Safe_Install___________________________MA2_0_9509_176681_GC.exe  (0000e3a9080b4d2565f357e96cc3ede6)

8 / 68      (Adware)
http://secure.letigerfastcdn.com/nsi/.../Flash___Click_To_Safe_Install___________________________MA_02_9342_561741_GC.exe  (48da01c4591c102bb09ae618fefe71ec)

The following 37 files have been seen to comunicate with secure.letigerfastcdn.com in live environments.

TCP » 66.114.52.14:80
1468567241.exe

TCP » 66.114.52.21:80
1468567241.exe

TCP » 66.114.52.15:80
1468567241.exe

TCP » 174.35.73.135:80
beamrise.exe (Beamrise by The Beamrise Authors)

TCP » 66.114.52.20:80
Iminent.Messengers.exe (Iminent Messengers by Iminent)

TCP » 66.114.52.20:80
new_chrome.exe (1stBrowser by The 1stBrowser Authors)

TCP » 66.114.52.20:80
bobrowser.exe (BoBrowser by The BoBrowser Authors)

TCP » 66.114.52.21:80
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 66.114.52.21:80
new_chrome.exe (1stBrowser by The 1stBrowser Authors)

TCP » 66.114.52.14:80
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 66.114.52.21:80
umbrella282_upd.exe (Iminent Service by Iminent)

TCP » 174.35.73.135:80
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 66.114.52.14:80
browser.exe (Browser)

TCP » 66.114.52.20:80
tools_update.exe

TCP » 66.114.52.15:80
new_chrome.exe (1stBrowser by The 1stBrowser Authors)

TCP » 66.114.52.14:80
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 66.114.52.21:80
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 66.114.52.15:80
umbrella282_upd.exe (Iminent Service by Iminent)

TCP » 66.114.52.20:80
1468567241.exe

TCP » 174.35.73.199:80
new_chrome.exe (1stBrowser by The 1stBrowser Authors)

 
Latest 20 of 156 files

URL:
http://secure.letigerfastcdn.com/

Web server:
PWS/8.1.20

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.