www.extractdownload.com

Domain Registries Foundation

Domain Information

The domain www.extractdownload.com registered by Domain Registries Foundation was initially registered in November of 2015 through Moniker Online Services. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Belfast, Northern Ireland within United Kingdom which resides on the RIPE Network Coordination Centre network.
Registrar:
GODADDY.COM, LLC

Server location:
Northern Ireland, United Kingdom (GB)

Create date:
Friday, November 20, 2015

Expires date:
Sunday, November 20, 2016

Updated date:
Friday, November 20, 2015

Scanner detections:
Detections  (93% detected)

Scan engine
Details
Detections

Avira AntiVirus
ADWARE/Adware.Gen2, ADWARE/AgentCV.A.295, TR/Trash.Gen
86.67%

avast!
Win32:Amonetize-E [PUP], Win32:Amonetize-M [PUP], Win32:Adware-gen [Adw], Win32:Adware-BJY [PUP], Win32:Amonetize-N [PUP], Win32:Amonetize-BA [PUP], Win32:Amonetize-Q [PUP]
80.00%

Reason Heuristics
PUP.Installer.Amonetizeltd.z, PUP.Installer.Amonetizeltd.?, PUP.Installer.Amonetizeltd.p, PUP.Wilmaonline.FF, PUP.Installer.Amonetizeltd.f, PUP.Installer.Amonetizeltd.F, Threat.Win.Reputation.IMP
73.33%

Malwarebytes
PUP.Optional.Amonetize, PUP.Optional.InstallMonetizer, PUP.Optional.Amonetize.A
66.67%

AhnLab V3 Security
PUP/Win32.Amonetiz
66.67%

ESET NOD32
Win32/Amonetize.AD (variant), Win32/Amonetize.AG (variant), Win32/Amonetize.AI (variant), Win32/Amonetize.AJ (variant)
66.67%

VIPRE Antivirus
Amonetize, Trojan.Win32.Generic
60.00%

Sophos
Amonetize
60.00%

McAfee
Adware-Amonetize!408E888C34D0, Adware-Amonetize!C8D08ACD3F1E, Adware-Amonetize!9E30F4C0808D, Artemis!E92BDE0EC826, Adware-Amonetize!3F110C855703, Artemis!C3A15DB2A582, Artemis!5C6BD2794FED, Adware-Amonetize!325429A955FA
53.33%

Dr.Web
Adware.Downware.1655, Adware.Downware.1575, Adware.Downware.2467, Adware.Downware.2250
53.33%

Fortinet FortiGate
Riskware/Amonetize
53.33%

AVG
Generic_r, MalSign.Generic, MalSign.Wilmo
53.33%

Trend Micro House Call
TROJ_GEN.F47V0206, TROJ_GEN.F47V0220, TROJ_GEN.F47V0306, TROJ_GEN.F47V0309, TROJ_GEN.F47V0226, TROJ_GEN.F47V0312, TROJ_GEN.F47V0311
53.33%

McAfee Web Gateway
Adware-Amonetize!408E888C34D0, Adware-Amonetize!C8D08ACD3F1E, Adware-Amonetize!9E30F4C0808D, Artemis!E92BDE0EC826, Adware-Amonetize!3F110C855703
46.67%

Kaspersky
not-a-virus:HEUR:Adware.Win32.Amonetize, not-a-virus:HEUR:AdWare.Win32.Amonetize
33.33%

The domain www.extractdownload.com has been seen to resolve to the following 11 IP addresses.

March 3, 2016

unallocated.barefruit.co.uk
May 4, 2015

209.222.14.3.choopa.net
December 2, 2014

ec2-50-17-209-45.compute-1.amazonaws.com
May 30, 2014

ec2-107-20-210-63.compute-1.amazonaws.com
May 30, 2014

ec2-50-17-206-16.compute-1.amazonaws.com
May 30, 2014

ec2-23-21-228-251.compute-1.amazonaws.com
May 30, 2014

ec2-54-235-68-127.compute-1.amazonaws.com
April 14, 2014

ec2-107-21-115-114.compute-1.amazonaws.com
April 14, 2014

ec2-54-225-132-130.compute-1.amazonaws.com
March 15, 2014

ec2-54-225-181-84.compute-1.amazonaws.com
February 14, 2014

File downloads found at URLs served by www.extractdownload.com.

1 / 68      (Malware)

 
Latest 30 of 31 download URLs

The following 249 files have been seen to comunicate with www.extractdownload.com in live environments.

 
Latest 20 of 250 files

URL:
http://www.extractdownload.com/

Title:
“extractdownload.com”

Web server:
Apache