secured-download.com

Advertiso GmbH

Domain Information

The domain secured-download.com registered by Advertiso GmbH was initially registered in April of 2013 through REGISTRYGATE GMBH. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Berlin, Berlin within Germany which resides on the RIPE Network Coordination Centre network.
Registrar:
REGISTRYGATE GMBH

Server location:
Berlin, Germany (DE)

Create date:
Friday, April 05, 2013

Expires date:
Tuesday, April 05, 2016

Updated date:
Thursday, June 18, 2015

ASN:
AS24940 HETZNER-AS Hetzner Online GmbH,DE

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Malwarebytes
PUP.Optional.InstallCore.A, PUP.Optional.Freemium.A
85.71%

Dr.Web
Adware.InstallCore.124, Trojan.Packed.24524
85.71%

VIPRE Antivirus
InstallCore, InstallCore.b
85.71%

ESET NOD32
Win32/InstallCore.CF (variant), Win32/InstallCore.CH (variant), Win32/InstallCore.D potentially unwanted (variant), Win32/InstallCore.CX (variant)
85.71%

Avira AntiVirus
ADWARE/InstallCore.Gen7, Adware/InstallCo.HJ, PUA/InstallCore.Gen7, APPL/InstallCore.QL.153, APPL/InstallCore.PY
85.71%

Reason Heuristics
PUP.Installer.ISfreemium.a, PUP.InstallCore.Bundler (M), PUP.InstallCore.ENG (M), PUP.installCore (M)
71.43%

K7 AntiVirus
Unwanted-Program, Unwanted-Program
57.14%

F-Prot
W32/InstallCore.R4.gen, W32/InstallCore.R.gen, W32/InstallCore.R3.gen, W32/InstallCore.R2.gen
57.14%

Sophos
Install Core Click run software, PUA 'Install Core Click run software', Install Core Click run software (PUA)
57.14%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud)
57.14%

McAfee
Artemis!D52531DDBEB7, Artemis!E30156E3AC2B, Artemis!08E30F31F86B
42.86%

McAfee Web Gateway
Artemis!D52531DDBEB7, Artemis!E30156E3AC2B, Artemis!PUP
42.86%

Trend Micro House Call
TROJ_GEN.F47V0819
28.57%

Microsoft Security Essentials
SoftwareBundler:Win32/DealPly
28.57%

K7 Gateway Antivirus
Unwanted-Program
28.57%

The domain secured-download.com has been seen to resolve to the following 2 IP addresses.

static.26.43.243.136.clients.your-server.de
January 6, 2016

static.176.61.76.144.clients.your-server.de
November 16, 2013

File downloads found at URLs served by secured-download.com.

1 / 68      (Adware)
http://secured-download.com/.../11?locale=de  (adobeflashplayer-setup.exe)

10 / 68    (PUP)
http://secured-download.com/system/core/.../vlc_Setup.exe  (f1b30302010aefe8f6faa8adbdf1a22f)

10 / 68    (PUP)
http://secured-download.com/.../12?locale=de  (avira_free3499_antivirus_de-setup.exe)

8 / 68      (PUP)

19 / 68    (PUP)

19 / 68    (PUP)

16 / 68    (Adware)

The following 13 files have been seen to comunicate with secured-download.com in live environments.

URL:
http://secured-download.com/

Title:
“secured-download.com”

Web server:
Apache/2.4.7 (Ubuntu) (Phusion Passenger 5.0.10)