www.mipony.net

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain www.mipony.net is registered by proxy through GODADDY.COM, LLC and was originally registered in October of 2009. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dusseldorf, Nordrhein-Westfalen within Germany which resides on the RIPE Network Coordination Centre network.
Registrar:
GODADDY.COM, LLC

Server location:
Nordrhein-Westfalen, Germany (DE)

Create date:
Saturday, October 10, 2009

Expires date:
Monday, October 10, 2016

Updated date:
Tuesday, October 06, 2015

ASN:
AS24961 MYLOC-AS myLoc managed IT AG

Root domain:

Scanner detections:
Detections  (57% detected)

Scan engine
Details
Detections

ESET NOD32
Win32/InstallCore.CF (variant), Win32/InstallCore.BY (variant), Win32/InstallCore.IJ (variant), Win32/InstallCore.JE.gen (variant), Win32/InstallCore.PZ (variant), Win32/InstallCore.WX potentially unwanted (variant)
66.67%

Dr.Web
Trojan.Packed.24524, Adware.InstallCore.124, Adware.Downware.908, Trojan.DownLoader9.402, Trojan.Packed.24141, Trojan.MulDrop5.10078, Trojan.Packed.25266, Trojan.Siggen6.33552
55.56%

Reason Heuristics
PUP.ISfreemium.Q, PUP.ExtendedSetup.Q, PUP.WorldSetup.CC, PUP.WorldSetup.Q, PUP.Optional.MaxSetup.Q, PUP.MaxSetup.Q, PUP.STMSetup.Q, PUP.InstallCore.11 (M)
55.56%

Trend Micro House Call
TROJ_GEN.F47V1121, TROJ_SPNR.0CFD13, TROJ_GEN.F47V0801, TROJ_GEN.F47V0214, TROJ_GEN.F47V0224, TROJ_GEN.F47V0317, TROJ_GEN.F47V0417, Suspicious_GEN.F47V0625, Suspicious_GEN.F47V0122
40.74%

VIPRE Antivirus
InstallCore, Trojan.Win32.Generic
37.04%

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594, NS:Malware.Install!1.9F62, PE:Malware.InstallCore!6.4, PE:Trojan.Win32.Generic.16F55F76!385179510
37.04%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h, TrojanDownloader.Genome, Downware.InstallCore
37.04%

Fortinet FortiGate
Riskware/InstallCoreDL, Riskware/InstallCore_JE, W32/Kryptik.BVVE!tr
33.33%

Sophos
Install Core Click run software, Mal/Generic-S
25.93%

Avira AntiVirus
APPL/InstallCore.AT.13, APPL/InstallCore.Y.56, ADWARE/InstallCore.Gen7
25.93%

K7 Gateway Antivirus
Trojan , Unwanted-Program
25.93%

Baidu Antivirus
Adware.Win32.InstallCore, Adware.Win32.BrowseFox
25.93%

K7 AntiVirus
Trojan , Unwanted-Program
22.22%

G Data
Win32.Application.InstallCore, Trojan.Downloader.JQBN
22.22%

McAfee Web Gateway
Artemis!1571F79C4CF6, Artemis!7F471A167033, Artemis!D5463C1170FA, Artemis!3B0F525C9E47, BehavesLike.Win32.BadFile.jc
22.22%

The domain www.mipony.net has been seen to resolve to the following 2 IP addresses.

166.ip-164-132-99.eu
April 6, 2016

o031.orange.fastwebserver.de
December 15, 2013

File downloads found at URLs served by www.mipony.net.

0 / 68
http://www.mipony.net/.../Mipony-Installer.exe  (e134e341bd3739f5d99af69d8485babe)

2 / 68      (inconclusive)

The following 12 files have been seen to comunicate with www.mipony.net in live environments.

URL:
http://www.mipony.net/

Google Analytics:
UA-56897

Title:
“Mipony - Download manager”

Description:
“Free program Mipony,a download manager for files from Rapidshare, Mega, Hotfiles, Easyshare, Gigasize, Mediafire, Sendspace, Uploading, Storage.to, Uploader.to, Filesend, Letitbit, Zshare,...”

Web server:
nginx/1.6.2 (Ubuntu)

Facebook:
Likes:  25
Shares:  161
Comments:  71

Statistics are for the previous month.