v4download2.biz

Fundacion Private Whois  (Proxy Registrant)

Domain Information

The domain v4download2.biz is registered by proxy through INTERNET.BS CORP. and was originally registered in August of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Phoenix, Arizona, in the United States, on the CloudFlare, Inc. network. The domain uses the CloudFlare CDN, a distributed domain name server service which utilizes a number of reverse proxy IP addresses (see below).

Registrar:
INTERNET.BS CORP.

Server location:
Arizona, United States (US)

Create date:
Sunday, August 31, 2014

Expires date:
Sunday, August 30, 2015

Updated date:
Sunday, August 31, 2014

ASN:
AS13335 CLOUDFLARENET - CloudFlare, Inc.,US

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Avira AntiVirus
ADWARE/Adware.Gen2, Adware/Amonetize.fhz, TR/Crypt.XPACK.Gen, ADWARE/Adware.Gen4, Adware/Amonetize.575680.17
88.89%

AhnLab V3 Security
PUP/Win32.Amonetiz, Trojan/Win32.Gen
88.89%

ESET NOD32
Win32/Amonetize.AJ (variant), Win32/Amonetize.AT (variant), Win32/Amonetize.BP (variant), Win32/Amonetize.CH (variant), Win32/Amonetize.CK (variant)
77.78%

Sophos
Generic PUA JL, Generic PUA HP, Generic PUA GA, Generic PUA AA, Generic PUA FM, Generic PUA KD, Generic PUA BJ, Generic PUA MP, Generic PUA NK
77.78%

Malwarebytes
PUP.Optional.Amonetize.A, Trojan.Dropper.KJG, Trojan.Downloader.Agent
72.22%

McAfee
RDN/Generic PUP.x!c2i, Artemis!65F068EA0880, Artemis!BC89FC056AA2, Artemis!A899877F6401, Artemis!4D93010DD667, Artemis!31E1812D429E, Artemis!C5074D107539
72.22%

avast!
Win32:Malware-gen, Win32:Dropper-gen [Drp], Win32:Amonetize-ED [PUP], Win32:Adware-gen [Adw], Win32:Vitro, Win32:Amonetize-GN [PUP]
72.22%

G Data
Win32.Application.Amonetize, Trojan.GenericKD.1905906, Trojan.GenericKD.1961750, Gen:Variant.Adware.Kazy.385069, Trojan.GenericKD.1968718
66.67%

AVG
Generic_r, Win32/Heur, Generic5
66.67%

Qihoo 360 Security
Win32/Virus.Adware.932, HEUR/Malware.QVM18.Gen, HEUR/QVM18.1.Malware.Gen, HEUR/QVM10.1.Malware.Gen
66.67%

Fortinet FortiGate
Riskware/Amonetize, Adware/Amonetize, W32/Virut.CE
66.67%

Kaspersky
not-a-virus:HEUR:AdWare.Win32.Amonetize, not-a-virus:AdWare.Win32.Amonetize
61.11%

VIPRE Antivirus
Amonetize, Trojan.Win32.Generic, Threat.4150696
55.56%

Reason Heuristics
Threat.Win.Reputation.IMP, PUP.Installer.ITLGROUP.f, PUP.Installer.SVANTRANS.f, PUP.Installer.SVANTRANS.a, PUP.Installer.AMGRUP.DD
55.56%

Bkav FE
HW32.Paked, W32.HfsAutoA, HW32.Packed
50.00%

The domain v4download2.biz has been seen to resolve to the following 6 IP addresses.

December 2, 2014

December 2, 2014

October 20, 2014

October 20, 2014

September 27, 2014

September 27, 2014

File downloads found at URLs served by v4download2.biz.

19 / 68    (Adware)
http://v4download2.biz/download.php?id=mmohaui&title=liteCam  (linkbucksadflybot__7934_il227762.exe)

30 / 68    (Adware)
http://v4download2.biz/download.php?id=phobos111&title=keygen2  (instagramprivateviewerexe__7934_il872099.exe)

21 / 68    (Adware)

19 / 68    (Adware)
http://v4download2.biz/download.php?id=cting&title=KritikaChaosUnleashedHack  (revo uninstaller pro __10940_i1424283952_il65163.exe)

12 / 68    (Adware)

5 / 68      (Adware)

12 / 68    (Adware)

16 / 68    (PUP)

16 / 68    (PUP)

18 / 68    (PUP)

21 / 68    (Adware)

30 / 68    (Adware)

11 / 68    (PUP)

4 / 68      (Malware)

8 / 68      (PUP)

11 / 68    (PUP)

14 / 68    (PUP)

19 / 68    (PUP)
http://v4download2.biz/download.php?id=macroman&title=instagramprivateviewer  (nortoninternetsecurity2014productkeygenerator__6858_il2516578.exe)

8 / 68      (PUP)

URL:
http://v4download2.biz/

SSL certificate subject:
CN=sni50105.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
cloudflare-nginx