home

www.downloadsoundcloud.net

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain www.downloadsoundcloud.net is registered by proxy through ENOM, INC. and was originally registered in May of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Hollywood, Florida within the United States which resides on the Prolexic Technologies, Inc. network.
Registrar:
ENOM, INC.

Server location:
Florida, United States (US)

Create date:
Friday, May 10, 2013

Expires date:
Tuesday, May 10, 2016

Updated date:
Wednesday, April 15, 2015

ASN:
AS32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Prolexic Technologies, Inc.,US

Root domain:
downloadsoundcloud.net

Whois:
3 downloadsoundcloud.net records

Scanner detections:
Detections  (73% detected)

Scan engine
Details
Detections

avast!
Win32:PUP-gen [PUP], Win32:Amonetize-AK [PUP], Win32:Amonetize-BJ [PUP], Win32:Amonetize-CJ [PUP], Win32:Amonetize-CL [PUP], Dropper-gen [Drp]
68.42%

Kaspersky
not-a-virus:HEUR:AdWare.Win32.Amonetize, not-a-virus:AdWare.Win32.Amonetize, not-a-virus:HEUR:AdWare.Win32.Yotoon, not-a-virus:AdWare.Win32.Yotoon
68.42%

McAfee
Adware-Amonetize!DC035ED17CF1, Artemis!37D9CDC1A4B3, PUP-FBM!78F890E1FEE8, Artemis!F8699D1A4970, Artemis!F1A9F6120C0C, Trojan.Artemis!2CBE82789025, RDN/Generic.bfr!gr
57.89%

Malwarebytes
PUP.Optional.Amonetize.A, PUP.Optional.Downloader, PUP.Optional.Monetizer, PUP.Optional.Handy.A, Trojan.Agent.NS
57.89%

VIPRE Antivirus
Amonetize, Trojan.Win32.Generic, Threat.4150696, Adware.Win32.Yotoon
57.89%

ESET NOD32
Win32/Amonetize.AI (variant), Win32/Amonetize.AJ (variant), Win32/Amonetize.AS (variant), Win32/Amonetize.BF.gen (variant), Win32/ActiveMonetizer
57.89%

Baidu Antivirus
Adware.Win32.Amonetize, PUA.Win32.ActiveMonetizer, Trojan.Win32.ActiveMonetizer, Adware.Win32.BrowseFox
57.89%

NANO AntiVirus
Riskware.Win32.Amonetize.cvojeb, Riskware.Win32.Amonetize.czmzsz, Riskware.Win32.Amonetize.dbyopz, Riskware.Win32.Amonetize.dchxoa
57.89%

Trend Micro House Call
TROJ_GEN.F47V0320, TROJ_GEN.F47V0324, TROJ_GEN.F47V0331, TROJ_GEN.F47V0607, Suspicious_GEN.F47V0706, TROJ_SPNR.08DH14, TROJ_GEN.R00UH06JV13, TROJ_GEN.F47V0829
52.63%

Sophos
Generic PUA GM, Amonetize, Generic PUA NH, Generic PUA JG, Generic PUA HE, Generic PUA JK, Generic PUA OA
52.63%

Dr.Web
Adware.Downware.2250, Adware.Downware.2467, Adware.Downware.5546, Adware.Downware.5913, Adware.Downware.8012, Adware.Downware.1901
47.37%

Qihoo 360 Security
Win32/Virus.Adware.932, HEUR/Malware.QVM10.Gen, Win32/Virus.Adware.47b
47.37%

Avira AntiVirus
ADWARE/Adware.Gen2, Adware/Graftor.146078.139, APPL/Amonetize.Z
42.11%

AhnLab V3 Security
PUP/Win32.Amonetiz
42.11%

AVG
Generic_r
42.11%

The domain www.downloadsoundcloud.net has been seen to resolve to the following 3 IP addresses.

72.52.4.119
unknown.prolexic.com
August 13, 2016

98.124.243.34
May 16, 2016

46.229.166.161
April 30, 2014

File downloads found at URLs served by www.downloadsoundcloud.net.

0 / 68
http://www.downloadsoundcloud.net/.../49510  (soundclouddownloader_setup.exe)

1 / 68
http://www.downloadsoundcloud.net/.../18260  (soundclouddownloader_setup.exe)

0 / 68
http://www.downloadsoundcloud.net/.../90720  (microsoft office 2013 full__6629_i1783662740_il2116.exe.gz)

1 / 68      (inconclusive)
http://www.downloadsoundcloud.net/.../49510  (soundclouddownloader_setup.exe)

12 / 68    (PUP)
http://www.downloadsoundcloud.net/.../49510  (soundclouddownloader_setup.exe)

0 / 68
http://www.downloadsoundcloud.net/.../192680  (soundclouddownloader__6629_i1611463305_il988.exe.rar)

14 / 68    (PUP)
http://www.downloadsoundcloud.net/.../49510  (file.download__2299_i808137259_il5562558.exe)

3 / 68      (PUP)
http://www.downloadsoundcloud.net/.../49510  (soundclouddownloader_setup.exe)

29 / 68    (PUP)
http://www.downloadsoundcloud.net/.../49510  (file.download__2299_i726463650_il153546.exe)

12 / 68    (PUP)
http://www.downloadsoundcloud.net/.../49510  (soundclouddownloader_setup.exe)

11 / 68    (PUP)
http://www.downloadsoundcloud.net/.../49510  (soundclouddownloader_setup.exe)

22 / 68    (Adware)
http://www.downloadsoundcloud.net/.../49510  (watch transformers 4 __5160_i1091627607_il2572501.exe)

1 / 68
http://www.downloadsoundcloud.net/.../49510  (soundclouddownloader_setup.exe)

4 / 68      (PUP)
http://www.downloadsoundcloud.net/.../49510  (soundclouddownloader_setup.exe)

10 / 68    (PUP)
http://www.downloadsoundcloud.net/.../49510  (soundclouddownloader_setup.exe)

23 / 68    (Adware)
http://www.downloadsoundcloud.net/.../49510  (adware remover tool v3 8 downloader__3687_i986153858_il2667926.exe)

8 / 68      (PUP)
http://www.downloadsoundcloud.net/.../73950  (soundclouddownloader_setup.exe)

21 / 68    (PUP)
http://www.downloadsoundcloud.net/.../49510  (herdprotect__2309_il720783.exe)

31 / 68    (PUP)
http://www.downloadsoundcloud.net/.../49510  (soundclouddownloader__6629_i570559765_il40.exe)

17 / 68    (PUP)
http://www.downloadsoundcloud.net/.../49510  (360.Internet.Security__2309_il68793.exe)

15 / 68    (Adware)
http://www.downloadsoundcloud.net/.../49510  (setup.exe)

5 / 68      (PUP)
http://www.downloadsoundcloud.net/.../49510  (hallmark the good witch s dest downloader__3687_i485776761_il6005164.exe)

The following 28 files have been seen to comunicate with www.downloadsoundcloud.net in live environments.

TCP » 72.52.4.119:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 72.52.4.119:80
TBNotifier.exe (Ask TBNotifier by APN)

TCP » 72.52.4.119:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 72.52.4.119:80
ContentFinder.exe (ContentFinder by ContentFinder Software)

TCP » 72.52.4.119:80
online-guardian-v2.0.9.exe

TCP » 72.52.4.119:80
updat.exe

TCP » 72.52.4.119:80
uran.exe (Uran by uCoz Media and Chromium Authors)

TCP » 72.52.4.119:80
autorun.exe (SoftFullDownload.blogspot.com)

TCP » 72.52.4.119:80
hbpzabffmyx.exe

TCP » 72.52.4.119:80
cpx.exe (Google Embedded Application)

TCP » 72.52.4.119:80
jingling.exe

TCP » 72.52.4.119:80
xkyuizxr.exe

TCP » 72.52.4.119:25
wrk.exe

TCP » 72.52.4.119:25
www.exe

TCP » 72.52.4.119:80
pbiiuvda.exe

TCP » 72.52.4.119:80
swlynnf.exe

TCP » 72.52.4.119:80
websiterecommendation_2_2.crx

TCP » 72.52.4.119:80
fanaticoonline.crx

TCP » 72.52.4.119:25
tiddiszagtor.exe (Faster Aids Manager by XIGMATEK)

TCP » 72.52.4.119:326
tgvbgq.exe

 
Latest 20 of 33 files

URL:
http://www.downloadsoundcloud.net/

Title:
“The Ultimate Soundcloud Downloader”

Web server:
Apache/2.2.23 (Unix) PHP/5.2.17 (PHP/5.2.17)

Facebook:
Likes:  3
Shares:  4

Statistics are for the previous month.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.