» upgrade-24.com
Overview
Analysis
IPs Addresses (7)
Downloads (47)
Network (3)
Subdomains (2)
Website Detail

upgrade-24.com

Corp New Ventures Services

Domain Information

The domain upgrade-24.com registered by Corp New Ventures Services was initially registered in January of 2016 through REGISTRAR OF DOMAIN NAMES REG.RU LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Zurich, Zurich within Switzerland which resides on the RIPE Network Coordination Centre network.

Registrant:

Corp New Ventures Services

Registrar:

INLANDDOMAINS, LLC

Server location:

Zurich, Switzerland (CH)

Create date:

Wednesday, January 27, 2016

Expires date:

Friday, January 27, 2017

Updated date:

Wednesday, February 3, 2016

ASN:

AS40034 CONFLUENCE-NETWORK-INC - Confluence Networks Inc,VG

Whois:

4 upgrade-24.com records

Google Safe Browsing:

phishing

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Installer.DownloadFreeFriedCookie.R, PUP.Installer.ironSource, PUP.Installer.InstallCore.Installer, PUP.InstallCore.Installer.Installer (M), PUP.InstallCore.FC.Installer (M), PUP.InstallCore.Installer.Meta (M), PUP.InstallCore (M), PUP.InstallCore.FC (M)

100.00%

Dr.Web

Trojan.InstallCore.19

10.64%

ESET NOD32

Win32/InstallCore.RO potentially unwanted application, Win32/InstallCore.UE potentially unwanted application, Win32/InstallCore.RR potentially unwanted application

10.64%

VIPRE Antivirus

Threat.4786018

10.64%

AVG

Generic

10.64%

Sophos

PUA 'InstallCore ToDownload'

8.51%

K7 AntiVirus

Unwanted-Program

8.51%

Comodo Security

Application.Win32.FriedCookie.CIRK, Application.Win32.InstallCore.KX

8.51%

Avira AntiVirus

ADWARE/InstallCore.Gen7

6.38%

G Data

Win32.Application.InstallCore.DI

4.26%

F-Secure

Adware.BrowseFox.CW

2.13%

Bkav FE

W32.HfsAdware

2.13%

Agnitum Outpost

PUA.InstallCore

2.13%

NANO AntiVirus

Riskware.Win32.InstallCore.dmfopx

2.13%

herdProtect (fuzzy)

a variant of dc83f98677a8d59f2535e2be48a55e66a2e69f06

2.13%

The domain upgrade-24.com has been seen to resolve to the following 7 IP addresses.

May 16, 2016

April 14, 2016

February 13, 2016

January 28, 2016

December 16, 2015

November 23, 2015

November 29, 2014

File downloads found at URLs served by upgrade-24.com.

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14166695605229&site_id=563&app_id=4&lp_id=594&v=icrev&stub_id=47&v_id=0836b36f81b6deb3ff1af0037b03a9a0&dist_id=356&channel=mrk_frf&dast=YnJzcj0zODQxJmJvPTImc2xpZD0wJnN1YmlkPTIwMDIyNjYwNzQyMzAwMDAwMCZzbz0yJmNpY21wPTQ2Mjc4OCZwdWJpZD02NTc3OSZjdTQ9MTcmY2lwaWQ9MjAyMjA3MCZjaXNpZD1DOEI3RTlCN0YxMjE3NDA5MTA3ODQzNzMwJmNpcmlkPUM4QjdFOUI3RjEyMTc0MTA3NDY4MDIwMDYmY2l1aWQ9NzczODMwODMxNjMwNTg2Njk3NiZjcmlkPTI5MjQ0NDgmZXhjaWQ9MjImbW10PS0xJm9zaWQ9NTMzJmNudHJ5PTcz (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14167602431012&site_id=563&app_id=4&lp_id=514&v=icrev&stub_id=49&v_id=8514e095828d72de4f9249793ee7a2a0&dist_id=379&channel=qws_e_fldl&subid=009060227016099402783 (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14167685997638&site_id=563&app_id=4&lp_id=609&v=icrev&stub_id=49&v_id=33382f523af313047bb921551bb91515&dist_id=251&channel=mrkfp&dast=YnJzcj0zODQxJmJvPTImc2xpZD0wJnN1YmlkPTIwMDEzMTAyMDMxNTAwMDAwMCZzbz0yJmNpY21wPTQ2NDk4OCZwdWJpZD00MjgyMiZjdTQ9MTgmY2lwaWQ9MjAyMjAzMCZjaXNpZD01OEM2QzI5QzE4MDk4NTExMTQyNDIyNDE5JmNpcmlkPTU4QzZDMjlDMTgwOTg1MjM1OTU3MDgzOSZjaXVpZD03MTAwNzUzMzk1MTQyNjAxNjI0JmNyaWQ9Mjk1NzE3OCZleGNpZD0yMiZtbXQ9LTEmb3NpZD01MzMmY250cnk9MjI3 (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14167939925784&site_id=563&app_id=4&lp_id=514&v=icrev&stub_id=49&v_id=d068e25e3b0a4682fcbac5188c347602&dist_id=379&channel=qws_e_fldl&subid=009090714016122676150 (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14167128446227&site_id=563&app_id=4&lp_id=514&v=icrev&stub_id=46&v_id=3a0b58e2a609ce0ed8a8168d584de141&dist_id=379&channel=qws_e_fldl&subid=008483072016068976394 (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14168020230732&site_id=563&app_id=4&lp_id=514&v=icrev&stub_id=50&v_id=f2ea8887c0babeee05988abd0f9468d9&dist_id=379&channel=qws_e_fldl&subid=005377597016126293814 (adobe_flash_setup.exe)

1 / 68 (PUP)

http://upgrade-24.com/download.php?conversion_id=14167971238383&site_id=563&app_id=4&lp_id=594&v=icrev&stub_id=50&v_id=1ab50d9828daa994b1000779415502d2&dist_id=251&channel=mrkfp&dast=YnJzcj0zODQxJmJvPTImc2xpZD0wJnN1YmlkPTIwMDIyNDYyMjUyMzAwMDAwMCZzbz0yJmNpY21wPTQ2NTAwOCZwdWJpZD02MzE2MyZjdTQ9MTcmY2lwaWQ9MjAyMjAzMCZjaXNpZD1BNkEyQ0EyM0YyMTkxMTg3MzM2NzQ5MDc3NCZjaXJpZD1BNkEyQ0EyM0YyMTkxMTg3NDg2MTQ4NDIwNSZjaXVpZD04NzQ4NjUyMjk2MjU2MDIzNzU5JmNyaWQ9MjkyNjY5OCZleGNpZD0yMiZtbXQ9LTEmb3NpZD01MzQmY250cnk9MjI3 (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14166887371202&site_id=563&app_id=4&lp_id=514&v=icrev&stub_id=45&v_id=d20cd5df7d5b90af2863cc7bd50be9fa&dist_id=379&channel=qws_e_fldl&subid=008659133016056539439 (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14167828663982&site_id=563&app_id=4&lp_id=514&v=icrev&stub_id=51&v_id=1709ab833bbdd71be78d973d1e59c9f0&dist_id=379&channel=qws_e_fldl&subid=009090714016117476197 (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14166200547461&site_id=563&app_id=4&lp_id=514&v=icrev&stub_id=46&v_id=7dded5805768dd0df61f543298b57595&dist_id=379&channel=qws_e_fldl&subid=003392811016012214001 (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14167664342537&site_id=563&app_id=4&lp_id=514&v=icrev&stub_id=50&v_id=2d40cb3163d2800dff1b2fae239aae35&dist_id=379&channel=qws_e_fldl&subid=006776135016105111660 (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14168043781744&site_id=563&app_id=4&lp_id=514&v=icrev&stub_id=50&v_id=2b9050a911dd29b2c21d5ad30fc6a00b&dist_id=379&channel=qws_e_fldl&subid=009085245016127285932 (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14167748794934&site_id=563&app_id=4&lp_id=514&v=icrev&stub_id=51&v_id=d50f7f980d272a473729f265c8f7a890&dist_id=379&channel=qws_e_fldl&subid=008812382016112309287 (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14166840106776&site_id=563&app_id=4&lp_id=594&v=icrev&stub_id=45&v_id=e1ad1137b069c14dbb5c6fbc25632774&dist_id=356&channel=mrk_frf&dast=YnJzcj0zODY4JmJvPTImc2xpZD0wJnN1YmlkPTIwMDE4NzAwNzQyMDAwMDAwMCZzbz0yJmNpY21wPTQ2Mjc2OCZwdWJpZD02MTc2MiZjdTQ9MTgmY2lwaWQ9MjAyMjA3MCZjaXNpZD00NzExOTE1MTJFMTI3ODQ2MTY0MjMxNTM4NCZjaXJpZD00NzExOTE1MTJFMTI3ODQ2Mjg3NzMwODc0OCZjaXVpZD0xNjA0ODE0NTY2ODgyMjQxMTk3JmNyaWQ9MjkyNDQ0OCZleGNpZD0yMiZtbXQ9LTEmb3NpZD01MzMmY250cnk9NzM= (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14168144290662&site_id=563&app_id=4&lp_id=514&v=icrev&stub_id=51&v_id=af2b0dfb08cf5c08bbfe3515984b81a6&dist_id=379&channel=qws_e_fldl&subid=008812376016132182151 (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14168251703503&site_id=563&app_id=4&lp_id=514&v=icrev&stub_id=51&v_id=19447f1a734375d4a29d785810c6bb9c&dist_id=379&channel=qws_e_fldl&subid=009878332016138177301 (adobe_flash_setup.exe)

1 / 68 (PUP)

http://upgrade-24.com/download.php?conversion_id=14167687784992&site_id=563&app_id=4&lp_id=514&v=icrev&stub_id=50&v_id=6a501316efa170e8f95b3c5999b89d7e&dist_id=379&channel=qws_e_fldl&subid=004888829016107157374 (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14168056210614&site_id=563&app_id=4&lp_id=514&v=icrev&stub_id=49&v_id=c5a1ca5a8b6155406ef3b912f0d0c9c5&dist_id=379&channel=qws_e_fldl&subid=008705946016127920436 (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14168097726385&site_id=563&app_id=4&lp_id=514&v=icrev&stub_id=51&v_id=d0688b4d06c02c3ee3cbb146d92c04cf&dist_id=379&channel=qws_e_fldl&subid=008541227016129706304 (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14167766955205&site_id=563&app_id=4&lp_id=514&v=icrev&stub_id=49&v_id=b1a2402245f827a8f84277a152f07c25&dist_id=379&channel=qws_e_fldl&subid=008452860016113637413 (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14166214073203&site_id=563&app_id=4&lp_id=514&v=icrev&stub_id=45&v_id=733fa409595ecc66341f72019c5e6bda&dist_id=379&channel=qws_e_fldl&subid=008520249016012725292 (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14167935078825&site_id=563&app_id=4&lp_id=514&v=icrev&stub_id=49&v_id=240ffb6d1025f74f2e8e8b739f0f308c&dist_id=379&channel=qws_e_fldl&subid=009031283016122475806 (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14167916452565&site_id=563&app_id=4&lp_id=514&v=icrev&stub_id=49&v_id=abe43d97dea877d7f1be4d051a867077&dist_id=379&channel=qws_e_fldl&subid=006688943016121613678 (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14167914535624&site_id=563&app_id=4&lp_id=514&v=icrev&stub_id=49&v_id=d22ac17cb2d072ae537b431171e61872&dist_id=379&channel=qws_e_fldl&subid=004593244016121448126 (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14167756111890&site_id=563&app_id=4&lp_id=514&v=icrev&stub_id=49&v_id=94bd0172c6fcd3f1e9fe7f1bf9eda7e4&dist_id=379&channel=qws_e_fldl&subid=008698124016112847718 (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14167716787987&site_id=563&app_id=4&lp_id=514&v=icrev&stub_id=49&v_id=abecacce64040fb814ea8587a315288d&dist_id=379&channel=qws_e_fldl&subid=008357350016109724658 (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14168200253730&site_id=563&app_id=4&lp_id=514&v=icrev&stub_id=50&v_id=3bfaa57ee9ab66a151b7be44457d9ee8&dist_id=379&channel=qws_e_fldl&subid=009878726016135184178 (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14165727011136&site_id=563&app_id=4&lp_id=594&v=icrev&stub_id=47&v_id=86187f771796451df95f6f1665dda04c&dist_id=356&channel=mrk_frf&dast=YnJzcj0zODQxJmJvPTImc2xpZD0wJnN1YmlkPTIwMDEzMTMwNjcxNjAwMDAwMCZzbz0yJmNpY21wPTQ2Mjk0OCZwdWJpZD01MzE2NiZjdTQ9MTcmY2lwaWQ9MjAyMjA3MCZjaXNpZD0yNENCQTZFRUY1MTE1MDIwNzE5MTM3MTQzMTcmY2lyaWQ9MjRDQkE2RUVGNTExNTAyMDgxNjQwMTE4NDM0JmNpdWlkPS0yMjI2NTM5NDE4MjQ1MjYxNjQwJmNyaWQ9Mjk1NzYyOCZleGNpZD0yMiZtbXQ9LTEmb3NpZD01MzImY250cnk9MjAw (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14166824188751&site_id=563&app_id=4&lp_id=613&v=icrev&stub_id=46&v_id=8acecc4f87162f725dc296c38641af02&dist_id=356&channel=mrk_frf&dast=YnJzcj0zODQxJmJvPTImc2xpZD0wJnN1YmlkPTIwMDEzMTMwNjcxNjAwMDAwMCZzbz0yJmNpY21wPTQ2Mjk0OCZwdWJpZD01MzE2NiZjdTQ9MTcmY2lwaWQ9MjAyMjA3MCZjaXNpZD1EODcxMjVEMTIxNTIzMzY5MTM2NzMyMDgxNCZjaXJpZD1EODcxMjVEMTIxNTIzMzcwMTY5MjM1ODEwNiZjaXVpZD0tMjIyNjUzOTQxODI0NTI2MTY0MCZjcmlkPTI5NTc2MjgmZXhjaWQ9MjImbW10PS0xJm9zaWQ9NTMyJmNudHJ5PTIwMA== (adobe_flash_setup.exe)

1 / 68 (Adware)

http://upgrade-24.com/download.php?conversion_id=14167586952505&site_id=563&app_id=4&lp_id=514&v=icrev&stub_id=49&v_id=9eb1489c7f2a5a8c214fb37cd27b691b&dist_id=379&channel=qws_e_fldl&subid=008812382016097982917 (adobe_flash_setup.exe)

Latest 30 of 47 download URLs

The following 3 files have been seen to comunicate with upgrade-24.com in live environments.

TCP » 141.8.226.14:80

google-bookmarks.crx

TCP » 204.11.56.48:80

chrome.crx

TCP » 204.11.56.48:80

chrome.crx

Subdomains

April 11, 2015

downgradepc.upgrade-24.com

February 25, 2016

upgrader.upgrade-24.com

URL:

http://upgrade-24.com/

Web server:

Apache

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.