Privacy Protection Service INC d/b/a PrivacyProtect.org (Proxy Registrant)
The domain setup.mediadrug.com is registered by proxy through DOMAINCONTEXT, INC. and was originally registered in May of 2010. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Steinsel, Luxembourg within Luxembourg which resides on the RIPE Network Coordination Centre network.
Luxembourg, Luxembourg (LU)
Monday, May 31, 2010
Wednesday, May 31, 2017
Wednesday, May 04, 2016
AS5577 ROOT root SA,LU
Detections (88% detected)
PUP.Optional.Installer, PUP.MediaDrug.Installer.Meta, PUP.MediaDrug.Installer.Meta (M), Win32.Generic, PUP.MediaDrug (M)
Win32/MediaDrug (variant), Win32/MediaDrug.A potentially unwanted (variant)
Trend Micro House Call
Suspicious_GEN.F47V1227, Suspicious_GEN.F47V1225, TROJ_GEN.R0C1C0ODU15
McAfee Web Gateway
Artemis!5241AB13FF21, Artemis!88B3DD290C71, Artemis!6FBB9C09A521
Generic PUA JN
K7 Gateway Antivirus
The domain setup.mediadrug.com has been seen to resolve to the following IP address.
May 29, 2014
File downloads found at URLs served by setup.mediadrug.com.
Latest 30 of 258 download URLs
The following 2 files have been seen to comunicate with setup.mediadrug.com in live environments.