www.gtopala.com

Gabriel Topala

Domain Information

The domain www.gtopala.com registered by Gabriel Topala was initially registered in May of 2004 through WILD WEST DOMAINS, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Bristow, Virginia within the United States which resides on the Microsoft Corp network.
Registrar:
WILD WEST DOMAINS, LLC

Server location:
Virginia, United States (US)

Create date:
Wednesday, May 19, 2004

Expires date:
Monday, May 19, 2025

Updated date:
Wednesday, May 20, 2015

ASN:
AS8075 MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation

Root domain:

Scanner detections:
Detections  (69% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.TopalaSoftwareSolutions.Installer (M), PUP.TopalaSoftwareSolutions.D, PUP.Installer.TopalaSoftwareSolutions.M, PUP.Installer.TopalaSoftwareSolutions.J, PUP (M)
78.57%

ESET NOD32
Win32/RemoteAdmin.RemoteExec.AA (variant), Win32/OpenCandy
57.14%

Malwarebytes
PUP.Optional.Topala
21.43%

Trend Micro House Call
ADW_OPENCANDY, ADW_OPENINSTALL
21.43%

Dr.Web
Adware.OpenCandy.8
21.43%

Trend Micro
ADW_OPENCANDY, ADW_OPENINSTALL
21.43%

Antiy Labs AVL
Trojan/PHP.AccPhish
21.43%

XVirus List
Win32.Detected
21.43%

F-Prot
W32/SuspPack.N.gen
21.43%

Agnitum Outpost
Packed/PECompact
7.14%

Bkav FE
HW32.CDB
7.14%

AVG
OpenCandy
7.14%

Baidu Antivirus
Adware.Win32.OpenCandy
7.14%

The domain www.gtopala.com has been seen to resolve to the following 3 IP addresses.

August 19, 2016

June 7, 2016

xboxupload.com
April 16, 2014

File downloads found at URLs served by www.gtopala.com.

1 / 68      (PUP)
https://www.gtopala.com/.../dl.php?filename=siw-setup.exe  (80239bb94edcf828396d74650825ee8a)

0 / 68
https://www.gtopala.com/.../siw-trial.php  (49a04c87e006d975593529303092f8c8)

0 / 68
https://www.gtopala.com/.../dl.php?filename=siw-setup.exe  (fd2cda7a04e0f08ab54c4d22748bff65)

9 / 68      (PUP)
http://www.gtopala.com/.../siw-setup.exe  (f05be1a75b299f6c2554cfed71fd0afe)

1 / 68      (PUP)
https://www.gtopala.com/.../dl.php?filename=siw-setup.exe  (b4d4417982e77f6c1faf7393c831adc9)

9 / 68      (PUP)
http://www.gtopala.com/download/.../siw-setup.exe  (8aafc0e71f081c117967a451c2173dd3)

1 / 68      (PUP)
https://www.gtopala.com/.../dl.php?filename=siw-setup.exe  (f0c5902e5745486318866ed922d7f3fc)

1 / 68      (PUP)
https://www.gtopala.com/.../dl.php?filename=siw-setup.exe  (b3f215e17fb2e547b84a0af50528dbaa)

2 / 68      (PUP)
http://www.gtopala.com/download/.../siw-setup.exe  (53b78018b14bac011afbd324d79f62a6)

1 / 68      (PUP)
http://www.gtopala.com/.../SIWPortable_2011.10.29.paf.exe  (de24d1197c268c68334f02a6a271fa1b)

1 / 68      (inconclusive)
http://www.gtopala.com/.../SIWPortable_2011.10.29.paf.exe  (f6659d1b9da5076e8cce46e27e83541b)

3 / 68      (inconclusive)
http://www.gtopala.com/.../siw-setup.exe  (75b06e8c224455857877da6b3506e2bd)

9 / 68      (PUP)
http://www.gtopala.com/.../siw-setup.exe  (2d1d36a94efbcb7102e4d1151dd2c631)

2 / 68      (PUP)

1 / 68      (PUP)

3 / 68      (inconclusive)
http://www.gtopala.com/.../siw.exe  (13dbc7b84232604ddaca90bb9296c9a8)

The following 2 files have been seen to comunicate with www.gtopala.com in live environments.

URL:
http://www.gtopala.com/

Google Analytics:
UA-63824

Title:
“SIW | System Information for Windows by Gabriel Topala”

Description:
“SIW is an System Information for Windows program (PC Inventory - Network, Hardware and Software Information, Software License Compliance)”

SSL certificate subject:
CN=www.gtopala.com, OU=COMODO SSL, OU=Domain Control Validated

SSL certificate issuer:
CN=K Software Certificate Authority (DV) 2, O=K Software, L=Ashland, S=KY, C=US

Web server:
PHP/5.6.17

Facebook:
Likes:  4
Shares:  19
Comments:  5

Statistics are for the previous month.