www.sharfiles.com

Whois Privacy Shield Services

Domain Information

The domain www.sharfiles.com registered by Whois Privacy Shield Services was initially registered in January of 2016 through INTERNET.BS CORP.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dublin, Dublin City within Ireland which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the EU (Ireland) region datacenter.
Registrar:
SOCRATES 888, LLC

Server location:
Dublin City, Ireland (IE)

Create date:
Wednesday, January 27, 2016

Expires date:
Friday, January 27, 2017

Updated date:
Saturday, January 30, 2016

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.

Root domain:

Google Safe Browsing:
malware

Scanner detections:
Detections  (93% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.FINEDREAMINVEST.r, PUP.FINEDREAMINVEST.U, PUP.FINEDREAMINVEST.e, PUP.FINEDREAMINVEST.w, PUP.LADYSWOOD2013, PUP.FINEDREAMINVEST (M), PUP.SOFTWAREAGILITY (M), PUP.Brightcircle.LADYSWOO (M), PUP.FINEDREA (M), PUP (M)
100.00%

avast!
Win32:Adware-BGS [PUP], Win32:Adware-gen [Adw]
30.77%

VIPRE Antivirus
iPumper, PileFile Downloader, Threat.4787725
30.77%

Avira AntiVirus
ADWARE/Adware.Gen
30.77%

Rising Antivirus
PE:PUF.FilePile!1.9E19
30.77%

Malwarebytes
PUP.Optional.FilePile.A
23.08%

AhnLab V3 Security
Adware/Win32.DownloadWare, PUP/Win32.Downloader
23.08%

ESET NOD32
Win32/BundleInstaller (variant)
23.08%

nProtect
Adware/W32.Agent.5175736, Trojan-Dropper/W32.Agent.6390728
15.38%

IKARUS anti.virus
Trojan-Dropper.Agent, Trojan-Downloader.Win32.Clikug
15.38%

Fortinet FortiGate
W32/Agent.PFR!tr
15.38%

AVG
MalSign.Generic, Downloader.Generic13
15.38%

herdProtect (fuzzy)
a variant of eec76c623366b4593b6771800a74f8ac9cc2983b
7.69%

McAfee
PileFile!FACF074CA6EC
7.69%

McAfee Web Gateway
PileFile!FACF074CA6EC
7.69%

The domain www.sharfiles.com has been seen to resolve to the following 5 IP addresses.

ec2-54-210-47-225.compute-1.amazonaws.com
April 11, 2016

125.34.148.146.bc.googleusercontent.com
April 11, 2016

ec2-54-72-9-51.eu-west-1.compute.amazonaws.com
November 10, 2015

September 7, 2014

December 27, 2013

File downloads found at URLs served by www.sharfiles.com.

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

33 / 68    (Adware)

12 / 68    (Adware)

8 / 68      (Adware)
http://www.sharfiles.com/.../Real-Pictures-Of-Santa-And-His-Reindeer.rar_Downloader_316111414.exe  (bungalow-house-plans-with-photos-ireland.rar_downloader.exe)

1 / 68      (Adware)

9 / 68      (Adware)

1 / 68      (Adware)

The following 219 files have been seen to comunicate with www.sharfiles.com in live environments.

TCP » 54.72.9.51:80

 
Latest 20 of 226 files

URL:
http://www.sharfiles.com/

Title:
“sharfiles.com”

Title (12/27/2013):
“Fast File Downloader”

Title (5/3/2015):
“sharfiles.com”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx