» stapidownloader.iminent.com
Overview
Analysis
IPs Addresses (6)
Downloads (3)
Network (10)
Website Detail
Related Domains (7)

stapidownloader.iminent.com

SIEN S.A.

Domain Information

The domain stapidownloader.iminent.com registered by SIEN was initially registered in May of 2006 through GANDI SAS. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Cambridge, Massachusetts within the United States which resides on the Akamai Technologies, Inc. network. The domain is associated with the publisher SIEN S.A. who is located in Paris, France.

Registrant:

SIEN for SIEN S.A.

Registrar:

GANDI SAS

Server location:

Massachusetts, United States (US)

Create date:

Tuesday, May 23, 2006

Expires date:

Monday, May 23, 2016

Updated date:

Wednesday, December 24, 2014

ASN:

AS20940 AKAMAI-ASN1 Akamai International B.V.

Root domain:

iminent.com

Whois:

2 iminent.com records

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Installer.SIENSA.J, PUP.Sien.SIENSA.Bundler (M)

100.00%

VIPRE Antivirus

Iminent

33.33%

Qihoo 360 Security

Malware.QVM10.Gen

33.33%

The domain stapidownloader.iminent.com has been seen to resolve to the following 6 IP addresses.

23.62.6.176

a23-62-6-176.deploy.static.akamaitechnologies.com

January 27, 2016

23.62.6.210

a23-62-6-210.deploy.static.akamaitechnologies.com

January 27, 2016

23.3.13.11

a23-3-13-11.deploy.static.akamaitechnologies.com

December 2, 2014

23.3.13.35

a23-3-13-35.deploy.static.akamaitechnologies.com

December 2, 2014

72.247.8.99

a72-247-8-99.deploy.akamaitechnologies.com

May 2, 2014

72.247.8.88

a72-247-8-88.deploy.akamaitechnologies.com

May 2, 2014

File downloads found at URLs served by stapidownloader.iminent.com.

1 / 68 (PUP)

http://stapidownloader.iminent.com/IminentDownloader/.../setup.exe (winksetup.exe)

1 / 68 (PUP)

http://stapidownloader.iminent.com/IminentDownloader/.../setup.exe (winksetup.exe)

3 / 68 (PUP)

http://stapidownloader.iminent.com/IminentDownloader/.../setup.exe (winksetup.exe)

The following 10 files have been seen to comunicate with stapidownloader.iminent.com in live environments.

TCP » 23.62.6.176:80

browser.exe (Speed Browser by Long Mile Solutions)

TCP » 23.62.6.210:80

wikithemes.exe

TCP » 23.62.6.176:80

apptrailers.exe

TCP » 23.62.6.176:80

apptrailers.exe

TCP » 23.62.6.176:80

browser.exe (Speed Browser by Smart Applications)

TCP » 23.62.6.210:80

wikithemes.exe

TCP » 23.3.13.35:80

free ride games.exe (FreeRide Games by Exent Technologies)

TCP » 23.62.6.176:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 23.62.6.210:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 23.62.6.210:80

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 72.247.8.99:80

leakrepair.exe (Baidu PC Faster by Baidu)

URL:

http://stapidownloader.iminent.com/

Web server:

Microsoft-IIS/7.5,MCC-PROD23 (ASP.NET) (Version: 4.0.30319)

Related Domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.