home

securisedownload.com

Whois protection, this company does not own this domain name s.r.o.

Domain Information

The domain securisedownload.com registered by Whois protection, this company does not own this domain name s.r.o. was initially registered in April of 2016 through OVH. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Redwood City, California within the United States which resides on the SKYE network.
Registrar:
HEBEI GUOJI MAOYI (SHANGHAI) LTD DBA HEBEIDOMAINS.COM

Server location:
California, United States (US)

Create date:
Thursday, April 21, 2016

Expires date:
Friday, April 21, 2017

Updated date:
Thursday, April 21, 2016

ASN:
AS26008 NOMINUM-SKYE1 - SKYE

Whois:
7 securisedownload.com records

Scanner detections:
Detections  (92% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Kreapixel.M, PUP.Installer.Kreapixel.L, PUP.Installer.Kreapixel.I, PUP.Installer.Kreapixel.R, PUP.Kreapixel.R, PUP.Installer.Kreapixel.M, PUP.Installer.Kreapixel.FF, PUP.Installer.Kreapixel.P, PUP.Kreapixel.O, PUP.Installer.Kreapixel.N, PUP.Kreapixel.Installer (M), PUP.Kreapixel.424Mo.Installer (M), PUP.Kreapixel.56Mo.Installer (M), PUP.InstallCore.RE11 (M)
97.30%

Trend Micro House Call
HV_ZYX_CA226679.TOMC, TROJ_GEN.F47V0328, TROJ_GEN.RC1H1E9, TROJ_GEN.F47V1104, TROJ_GEN.F47V0815, TROJ_GEN.F47V0829
32.43%

F-Prot
W32/InstallCore.W.gen, W32/AutoIt.CE.gen
8.11%

Qihoo 360 Security
HEUR/Malware.QVM11.Gen
5.41%

Dr.Web
Adware.InstallCore, Trojan.Packed.194
5.41%

Avira AntiVirus
ADWARE/InstallCore.Gen
5.41%

AhnLab V3 Security
PUP/Win32.InstallCore
5.41%

ESET NOD32
Win32/InstallCore.AZ (variant)
5.41%

Rising Antivirus
PE:Trojan.Win32.Generic.12D30705!315819781, PE:Malware.XPACK-LNR/Heur!1.5594
5.41%

K7 AntiVirus
Unwanted-Program
2.70%

Microsoft Security Essentials
SoftwareBundler:Win32/DealPly
2.70%

Malwarebytes
Trojan.Dropper.H
2.70%

IKARUS anti.virus
Trojan.SuspectCRC
2.70%

avast!
VBS:Malware-gen
2.70%

G Data
VBS:Malware-gen
2.70%

The domain securisedownload.com has been seen to resolve to the following 16 IP addresses.

103.224.182.222
May 11, 2016

141.8.225.80
September 22, 2014

208.73.210.200
September 3, 2014

208.73.211.178
September 3, 2014

208.73.210.217
September 3, 2014

208.73.210.214
September 3, 2014

208.73.211.164
September 2, 2014

208.73.211.239
September 2, 2014

208.73.211.195
September 2, 2014

208.73.211.177
September 2, 2014

208.73.211.179
August 28, 2014

208.73.210.210
August 28, 2014

208.73.210.204
August 28, 2014

208.73.211.199
August 28, 2014

199.101.28.20
search.dnsassist.verizon.net
April 26, 2014

213.186.33.3
cluster015.ovh.net
February 27, 2014

File downloads found at URLs served by securisedownload.com.

0 / 68
http://securisedownload.com/.../dl.php?l=fr&telecharger=Setup_V17FR  (setup_v17fr.exe)

1 / 68      (PUP)
http://securisedownload.com/.../dl.php?l=ar&telecharger=Webplayer_AR  (webplayer_ar.exe)

1 / 68      (PUP)
http://securisedownload.com/.../Setup_V17FR.exe  (46d00c095a38c44e658153812714fea9)

1 / 68      (PUP)
http://securisedownload.com/.../dl.php?l=gamefr&telecharger=Setup_WebGame  (setup_webgame.exe)

1 / 68      (PUP)
http://securisedownload.com/.../dl.php?l=foot&telecharger=Webplayer_Foot  (webplayer_foot.exe)

1 / 68      (PUP)
http://securisedownload.com/.../dl.php?l=widdit&telecharger=Webplayer_FR  (webplayer_fr.exe)

1 / 68      (PUP)
http://securisedownload.com/.../Setup_AR.exe  (1c1f2272e1b4bca9aa7f0c5e3aa2dacb)

2 / 68      (PUP)
http://securisedownload.com/.../dl.php?l=ar&telecharger=Setup_AR  (setup_ar.exe)

2 / 68      (PUP)
http://securisedownload.com/.../dl.php?l=fr&telecharger=Webplayer_FR  (webplayer_fr.exe)

1 / 68      (PUP)
http://securisedownload.com/.../dl.php?l=sport&telecharger=Webplayer_Sport  (webplayer_sport.exe)

2 / 68      (PUP)
http://securisedownload.com/.../dl.php?l=us&telecharger=Webplayer_US  (setup_v17us.exe)

The following 83 files have been seen to comunicate with securisedownload.com in live environments.

TCP » 213.186.33.3:80
cykimhegigka.exe

TCP » 213.186.33.3:80
1799877.exe

TCP » 213.186.33.3:80
bosadgypujuz.exe

TCP » 213.186.33.3:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 213.186.33.3:80
browser.exe (Speed Browser by Smart Applications)

TCP » 213.186.33.3:80
online-guardian-v2.0.9.exe

TCP » 213.186.33.3:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 213.186.33.3:80
jingling.exe

TCP » 213.186.33.3:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 103.224.182.222:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 213.186.33.3:443
apptrailers.exe

TCP » 213.186.33.3:80
produpd.exe (produpd.exe by Vested Development, Inc)

TCP » 213.186.33.3:80
onlineguardian-v2.exe

TCP » 213.186.33.3:25
wrk.exe

TCP » 213.186.33.3:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 213.186.33.3:80
produpd.exe (produpd.exe by Vested Development, Inc)

TCP » 213.186.33.3:80
abb1213.tmp

TCP » 213.186.33.3:80
online-guardian-v2.0.9.exe

TCP » 213.186.33.3:80
produpd.exe (produpd.exe by Vested Development, Inc)

TCP » 213.186.33.3:80
online-guardian-v2.exe

 
Latest 20 of 87 files

URL:
http://securisedownload.com/

Title:
“securisedownload.com”

Web server:
Apache

Facebook:
Shares:  1

Statistics above are for the previous month of March 2024.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.