uranupdates.com

Privacy Protection Service INC d/b/a PrivacyProtect.org  (Proxy Registrant)

Domain Information

The domain uranupdates.com is registered by proxy through DOMAINCONTEXT, INC. and was originally registered in April of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Remove Malware from uranupdates.com - Powered by Reason Core Security
Registrar:
DOMAINCONTEXT, INC.

Server location:
Virginia, United States (US)

Create date:
Tuesday, April 23, 2013

Expires date:
Thursday, April 23, 2020

Updated date:
Wednesday, May 21, 2014

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.LimitedLiabilityCompanyUcozMedia, Threat.Installer.LimitedLiabilityCompanyUcozMedia, PUP.LimitedLiabilityCompanyUcozMedia.Installer (M)
100.00%

SUPERAntiSpyware
PUP.UCoz/Variant
33.33%

Trend Micro House Call
Suspicious_GEN.F47V0711, Suspicious_GEN.F47V0719
33.33%

VIPRE Antivirus
Trojan.Win32.Generic!SB.0
33.33%

AVG
Skodna.Generic_c, Adware Skodna.Generic_c.TT, Adware Skodna.Generic_c.VV
33.33%

McAfee
Artemis!D08A055BE3A8
33.33%

McAfee Web Gateway
Artemis!D08A055BE3A8
33.33%

IKARUS anti.virus
Skodna.Generic_c.TT
33.33%

Emsisoft Anti-Malware
Trojan.Generic.12390492
33.33%

Lavasoft Ad-Aware
Trojan.Generic.12390492
33.33%

F-Secure
Trojan.Generic.12390492
33.33%

Norman
Trojan.Generic.12390492
33.33%

MicroWorld eScan
Trojan.Generic.12390492
33.33%

nProtect
Trojan.Generic.12390492
33.33%

Bitdefender
Trojan.Generic.12390492
33.33%

The domain uranupdates.com has been seen to resolve to the following IP address.

ec2-54-225-90-246.compute-1.amazonaws.com
May 24, 2014

File downloads found at URLs served by uranupdates.com.

20 / 68    (Adware)
http://uranupdates.com/.../uransetup.exe  (25b28575e8b73a552bf08d44034369bc)

1 / 68      (Adware)
http://uranupdates.com/.../UranSetup.exe  (0d35cd961fd7d0bed30ae7e69cbce253)

1 / 68      (Adware)
http://uranupdates.com/.../UranSetup.exe  (6918c8ed0c45ec0fe981f4abe71abc4e)

1 / 68      (Adware)
http://uranupdates.com/.../UranSetup.exe  (abbbac0f89983dd2bba479b27da25568)

1 / 68      (Adware)
http://uranupdates.com/.../uransetup.exe  (9366f265d05b266ebb65e45a0f5dbf51)

1 / 68      (Adware)
http://uranupdates.com/.../UranSetup.exe  (2fc6b3d5e2cc248009b36f054396813e)

1 / 68      (Adware)
http://uranupdates.com/.../UranSetup.exe  (0e63ff3f9c148d9fd2e5bedd8760f416)

1 / 68      (Adware)
http://uranupdates.com/.../UranSetup.exe  (b8195b6c3bf7e5801e44ff22d675ae6e)

1 / 68      (Adware)
http://uranupdates.com/.../UranSetup.exe  (572714823e145af8887a39da47258643)

1 / 68      (Adware)
http://uranupdates.com/.../uransetup.exe  (7f02a6f89122f1140b752ddc99811091)

1 / 68      (Adware)
http://uranupdates.com/.../UranSetup.exe  (d39159a7337ece037c5c5d589b31fd5c)

1 / 68      (Adware)
http://uranupdates.com/.../UranSetup.exe  (1795949e6ff78b5b395842053a8bdbe7)

1 / 68      (Adware)
http://uranupdates.com/.../UranSetup.exe  (62d1d639c3f90b82210f7a303079cb52)

1 / 68      (Adware)
http://uranupdates.com/.../UranSetup.exe  (0711d86d4a3ca8e433254ed9d2798754)

1 / 68      (Adware)
http://uranupdates.com/.../uransetup.exe  (83b7bad35b72085258d4d225f11a80aa)

20 / 68    (Adware)
http://uranupdates.com/.../UranSetup.exe  (da0f82faf02f2521b68d8f3f9dc37819)

20 / 68    (Adware)
http://uranupdates.com/.../uransetup.exe  (b9be2c5e5db2275fab2625e909ccb2f0)

20 / 68    (Adware)
http://uranupdates.com/.../UranSetup.exe  (11c4555d02de6fe34dce17c70cd762e8)

20 / 68    (Adware)
http://uranupdates.com/.../uransetup.exe  (575526de657c5de35adf1b0181f5931e)

20 / 68    (Adware)
http://uranupdates.com/.../UranSetup.exe  (2da93e5b6f520dd83f0fe487bfcdb7ba)

20 / 68    (Adware)
http://uranupdates.com/.../uransetup.exe  (3db7807d30cbf31e34720b97d0e973c1)

The following file have been seen to comunicate with uranupdates.com in live environments.

URL:
http://uranupdates.com/

Network:
Amazon Web Services (AWS), running an EC2 instance

SSL certificate subject:
CN=uranupdates.com

SSL certificate issuer:
CN=Thawte DV SSL CA, OU=Domain Validated SSL, O="Thawte, Inc.", C=US

Web server:
nginx/1.4.6 (Ubuntu)

Remove Malware from uranupdates.com - Powered by Reason Core Security