The domain www.downanapp.com, registered by imali media n.i ltd, was first registered in August 2014 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Scottsdale, Arizona, in the United States, on the GoDaddy.com, LLC network.
Registrant: imali media n.i ltd
Registrar: GODADDY.COM, LLC
Server location: Arizona, United States (US)
Create date: Sunday, August 24, 2014
Expires date: Wednesday, August 24, 2016
Updated date: Tuesday, June 9, 2015
ASN: AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC
Google Safe Browsing: unwanted
Scanner detections:
Detections (93% detected)
| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.Installer.Stepitapp.F, PUP.Installer.IMALINIMEDIA, PUP.IMALINIMEDIA, PUP.Stepitapp, Threat.Win.Reputation.IMP, PUP.IMALI.IMALINIMEDIA, PUP.IMALI.IMALINIMEDIA.Installer (M), PUP.IMALI.IMALINIM.Installer (M), PUP.InstallCore.FC.Installer (M), PUP.Systweak.TUNEUPPR.Installer.Meta (L), PUP.Downloadius.Software.Installer (M), PUP.Softpulse.SmartSec.Bundler (M), PUP.Softpulse (M), PUP.AdGazelle (M) | 96.43% |
| avast! | Win32:Dropper-gen [Drp], Win32:Malware-gen, Win32:Rootkit-gen [Rtk], Win32:Trojan-gen, Win32:Evo-gen [Susp] | 64.29% |
| Avira AntiVirus | TR/Dldr.Agent.216048, TR/Dldr.Agent.215952, TR/Dldr.Agent.210832, TR/Dldr.Agent.265104, TR/Dldr.Agent.272784, TR/Dldr.Agent.272272 | 64.29% |
| McAfee | Artemis!F4CD8201B97A, Artemis!9D54F21747B3, Artemis!AED39EECB67B, Artemis!2F472C9F080A, Artemis!E9938724CFD2, Artemis!DC365FC18033 | 60.71% |
| Trend Micro House Call | Suspicious_GEN.F47V1219, Suspicious_GEN.F47V1213, Suspicious_GEN.F47V1214, Suspicious_GEN.F47V1230, Suspicious_GEN.F47V0107, Suspicious_GEN.F47V0203 | 57.14% |
| VIPRE Antivirus | Trojan.Win32.Generic, Threat.4150696 | 57.14% |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h | 50.00% |
| Sophos | Generic PUA OF, Generic PUA LN, Generic PUA OH, Generic PUA NC, Generic PUA LB, Generic PUA EK | 42.86% |
| K7 AntiVirus | Unwanted-Program, Riskware, Adware | 42.86% |
| ESET NOD32 | Win32/Downloader.Agent.AI (variant), Win32/Adware.Imali (variant) | 39.29% |
| AVG | Generic, Adware Generic6 | 35.71% |
| Kaspersky | UDS:DangerousObject.Multi.Generic | 25.00% |
| Fortinet FortiGate | Riskware/Downloader_Agent, Riskware/Imali | 25.00% |
| Qihoo 360 Security | HEUR/QVM10.1.Malware.Gen, Win32/RootKit.Rootkit.7e5, Win32/Trojan.eaa, Win32/Trojan.0a7, Win32/Trojan.522 | 25.00% |
| G Data | Trojan.Generic.12708105, Win32.Trojan.Agent.NDE4LL, Rootkit.72610, Trojan.Generic.12606400, Gen:Variant.Zusy.128984 | 25.00% |
The domain www.downanapp.com has been seen to resolve to the following 3 IP addresses.
ip-50-63-202-65.ip.secureserver.net (August 30, 2016)
ec2-52-1-45-42.compute-1.amazonaws.com (June 19, 2015)
209.81.59.108.bc.googleusercontent.com (January 11, 2015)
File downloads found at URLs served by www.downanapp.com.
Latest 30 of 135 download URLs
The following 1133 files have been seen to communicate with www.downanapp.com in live environments.
URL: http://www.downanapp.com/
Statistics are for the previous month.