home

www.brothersoft.fr

GANDI ROLE

Domain Information

Currently this domain has been known to host various forms of malware. The hosted servers are located in Dallas, Texas within the United States which resides on the SoftLayer Technologies Inc. network.
Registrar:
GANDI

Server location:
Texas, United States (US)

ASN:
AS36351 SOFTLAYER - SoftLayer Technologies Inc.

Root domain:
brothersoft.fr

Whois:
2 brothersoft.fr records

Scanner detections:
Malware distribution  (96% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.KORAMGAMESLIMITED.p, PUP.Optional.KORAMGAMESLIMITED.M, PUP.Optional.KORAMGAMESLIMITED.b, PUP.Optional.KORAMGAMESLIMITED.r, PUP.Optional.Installer, Win32.Generic
100.00%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4786140, Threat.4150696, Brothersoft Downloader
23.08%

Malwarebytes
PUP.Optional.BSDownloader
15.38%

K7 AntiVirus
Riskware , Unwanted-Program
15.38%

F-Prot
W32/Agent.TR.gen
15.38%

ESET NOD32
Win32/BSDownloader (variant), Win32/InstallCore.PQ (variant)
15.38%

Agnitum Outpost
Riskware.BSDownloader, PUA.InstallCore
15.38%

AVG
Downloader, Generic, Potentially harmful program Downloader.ATN
15.38%

NANO AntiVirus
Riskware.Win32.BrotherSoft.cvlwba, Riskware.Win32.InstallCore.dotkkf
11.54%

Dr.Web
Adware.InstallCore.433, riskware program Program.BrotherSoft.18, Trojan.InstallCore.38
11.54%

herdProtect (fuzzy)
a variant of 22314e62f9f0bd9bf32d0b6bf775824760790639, a variant of 5ac76d8ea2bd0ff694f635544005dcf5b60952ac
7.69%

Avira AntiVirus
Adware/InstallCore.A.416, PUA/Installco.zlf
7.69%

ESET NOD32
Win32/BSDownloader potentially unwanted application, Win32/InstallCore.VM potentially unwanted application
7.69%

McAfee
Artemis!A19035BE4EF2
3.85%

Baidu Antivirus
Trojan.Win32.BSDownloader
3.85%

The domain www.brothersoft.fr has been seen to resolve to the following IP address.

108.168.197.129
108.168.197.129-static.reverse.softlayer.com
December 28, 2013

File downloads found at URLs served by www.brothersoft.fr.

1 / 68      (PUP)
http://www.brothersoft.fr/downloader/bdm.php?url=http://frfiles.brothersoft.com/games/.../world_of_warcraft_patch_2_3_3_fr.exe&name=World of Warcraft  (brothersoftdownloader_for_world_of_warcraft.exe)

1 / 68      (PUP)
http://www.brothersoft.fr/downloader/bdm.php?url=http://files.brothersoft.com/mobile_software/.../ResizePicture.jad&name=Resize Picture  (brothersoftdownloader_for_resize_picture.exe)

1 / 68      (Malware)
http://www.brothersoft.fr/soft-126620.download  (brothersoft_downloader_for__torrent.exe)

1 / 68      (Malware)
http://www.brothersoft.fr/soft-126620.download  (installer_for__torrent.exe)

1 / 68      (Malware)
http://www.brothersoft.fr/soft-133627.download  (installer_for_autoclick.exe)

1 / 68      (Malware)
http://www.brothersoft.fr/soft-138934.download  (installer_for_gta_san_andreas.exe)

1 / 68      (Malware)
http://www.brothersoft.fr/soft-132601.download  (brothersoft_downloader_for_convertxtodvd.exe)

1 / 68      (Malware)
http://www.brothersoft.fr/soft-133742.download  (installer_for_tor.exe)

1 / 68      (Malware)
http://www.brothersoft.fr/soft-162201.download  (installer_for_harry_potter_sorcerer_s_stone.exe)

1 / 68      (Malware)
http://www.brothersoft.fr/soft-131684.download  (installer_for_acid_pro.exe)

1 / 68      (Malware)
http://www.brothersoft.fr/soft-140321.download  (brothersoft_downloader_for_pdf_to_dwg.exe)

1 / 68      (Malware)
http://www.brothersoft.fr/soft-138853.download  (brothersoft_downloader_for_internet_download_manager.exe)

1 / 68      (Malware)
http://www.brothersoft.fr/soft-164269.download  (installer_for_twilight_saga_1_7.exe)

1 / 68      (Malware)
http://www.brothersoft.fr/soft-147635.download  (brothersoft_downloader_for_wauw_photo_widget.exe)

1 / 68      (Malware)
http://www.brothersoft.fr/soft-136168.download  (brothersoft_downloader_for_ip_anonymizer.exe)

1 / 68      (Malware)
http://www.brothersoft.fr/soft-165919.download  (brothersoft_downloader_for_one_piece_pics_1000_.exe)

1 / 68      (Malware)
http://www.brothersoft.fr/soft-142125.download  (brothersoft_downloader_for_videopad.exe)

1 / 68      (Malware)
http://www.brothersoft.fr/soft-133479.download  (brothersoft_downloader_for_thinkgraph.exe)

0 / 68
http://www.brothersoft.fr/soft-137680.download  (Cubase_6.0.2_Update.exe)

1 / 68      (Malware)
http://www.brothersoft.fr/soft-166219.download  (brothersoft_downloader_for_color_fx_splash_color.exe)

1 / 68      (Malware)
http://www.brothersoft.fr/soft-102355.download  (brothersoft_downloader_for_registry_first_aid.exe)

11 / 68    (PUP)
http://www.brothersoft.fr/soft-143610.download  (brothersoft_downloader_for_meteo.exe)

8 / 68      (PUP)
http://www.brothersoft.fr/soft-138343.download  (brothersoft_downloader_for_av_voice_changer_software_gold.exe)

10 / 68    (PUP)
http://www.brothersoft.fr/soft-138404.download  (brothersoft_downloader_for_tibia_multi_ip_changer.exe)

8 / 68      (PUP)
http://www.brothersoft.fr/soft-134472.download  (brothersoft_downloader_for_winrar.exe)

8 / 68      (PUP)
http://www.brothersoft.fr/soft-128593.download  (BSdownloader.exe)

9 / 68      (PUP)
http://www.brothersoft.fr/soft-143320.download  (brothersoft_downloader_for_super_bluetooth_hack.exe)

The following 17 files have been seen to comunicate with www.brothersoft.fr in live environments.

TCP » 108.168.197.129:80
Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80
Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80
Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80
Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80
Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80
Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80
Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80
Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80
Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80
Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80
Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80
Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80
Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80
Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80
Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80
Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

TCP » 108.168.197.129:80
Orbitnet.exe (P2P service of Orbit Downloader by Orbitdownloader.com)

URL:
http://www.brothersoft.fr/

Google Analytics:
UA-218645

Title:
“Télécharger des programmes, Software, Freeware, Jeux Gratuitement en Français, Complète Version”

Description:
“Télécharger des programmes gratuitement, software, freeware, jeux en Français, Complète Version”

Web server:
Apache

brothersoft.com

brothersoft.jp

freemusiczilla.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.