unzip-it.com

Privacy Protection Service INC d/b/a PrivacyProtect.org  (Proxy Registrant)

Domain Information

The domain unzip-it.com is registered by proxy through PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM and was originally registered in February of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM

Server location:
Virginia, United States (US)

Create date:
Thursday, February 13, 2014

Expires date:
Monday, February 13, 2017

Updated date:
Monday, January 25, 2016

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Bundler.InstallCore, PUP.installCore (M), PUP.NewMedia.Installer.installCore.Installer (M), PUP.Installer.Bundler.Installer.Meta (M), PUP.InstallCore.S (M), PUP.InstallCore.RES (M), PUP.FileOpener.Setup.Installer.Meta (M), PUP.InstallCore.Internet.Installer.Meta (M), PUP.FileOpener.Setup (M), PUP.NewMedia.NMH (M)
94.44%

VIPRE Antivirus
Threat.4788237, Threat.5084491, Threat.4371328, Threat.4786018
16.67%

G Data
Win32.Application.InstallCore.CZ, Win32.Application.InstallCore.EG
13.89%

ESET NOD32
Win32/InstallCore.ZC potentially unwanted application, Win32/InstallCore.YL potentially unwanted application, Win32/InstallCore.XX potentially unwanted application
13.89%

Dr.Web
Trojan.InstallCore.563, Trojan.InstallCore.47
11.11%

AVG
InstallCore, Generic
11.11%

Avira AntiVirus
PUA/InstallCore.ID, PUA/InstallCore.Gen
11.11%

Malwarebytes
PUP.Optional.InstallCore.A, PUP.Optional.InstallCore.SID.C
8.33%

Bkav FE
W32.HfsAdware
8.33%

K7 Gateway Antivirus
Unwanted-Program
8.33%

K7 AntiVirus
Unwanted-Program
8.33%

avast!
Malware-gen, Trojan-gen
5.56%

Agnitum Outpost
Trojan.Badur
5.56%

Trend Micro House Call
TROJ_GEN.R021H07DP15, Suspicious_GEN.F47V0513
5.56%

NANO AntiVirus
Riskware.Win32.InstallCore.drfvry, Riskware.Win32.InstallCore.dqhetu
5.56%

The domain unzip-it.com has been seen to resolve to the following 8 IP addresses.

ec2-54-88-203-136.compute-1.amazonaws.com
April 3, 2016

ec2-54-84-209-207.compute-1.amazonaws.com
January 31, 2016

ec2-54-88-93-196.compute-1.amazonaws.com
January 6, 2016

ec2-54-165-29-156.compute-1.amazonaws.com
May 6, 2015

ec2-107-21-41-152.compute-1.amazonaws.com
May 5, 2015

ec2-54-210-190-77.compute-1.amazonaws.com
May 5, 2015

ec2-54-86-23-250.compute-1.amazonaws.com
August 17, 2014

ec2-54-85-139-155.compute-1.amazonaws.com
August 1, 2014

File downloads found at URLs served by unzip-it.com.

 
Latest 30 of 36 download URLs

June 5, 2014

URL:
http://unzip-it.com/

Google Analytics:
UA-53254711

Title:
“File-Opener”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx/1.4.7

Facebook:
Likes:  2,434
Shares:  2,508
Comments:  2,953

Statistics above are for the previous month of March 2017.