www.singulardownload.com

Moniker Privacy Services  (Proxy Registrant)

Domain Information

The domain www.singulardownload.com is registered by proxy through Moniker Online Services and was originally registered in October of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon.com, Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
Moniker Online Services

Server location:
Virginia, United States (US)

Create date:
Thursday, October 31, 2013

Expires date:
Friday, October 31, 2014

Updated date:
Friday, November 01, 2013

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Scanner detections:
Detections  (93% detected)

Scan engine
Details
Detections

Malwarebytes
PUP.Optional.Amonetize, PUP.Optional.Amonetize.A
96.30%

Avira AntiVir
ADWARE/Adware.Gen2
92.59%

McAfee
Adware-Amonetize!0A13695E904F, Adware-Amonetize!806486D56A37, Artemis!D781C2D445BA, Artemis!8CC2F0A16469, Artemis!113F36A23A03, Artemis!EED95BD36931, Adware-Amonetize!DC035ED17CF1, Artemis!74BB457D49AD, Artemis!464F7A8A3D64, Adware-Amonetize!AFF2C2D27B7F, Artemis!F67567FFBD07, Artemis!31EAC5D0E8D7, Artemis!AAD320A99B7B, Artemis!B5A36DCF2EFC, Adware-Amonetize!75B5F2E2A99A, Adware-Amonetize!9E63DD19C5B7, Artemis!A70A60DB4353
85.19%

Trend Micro House Call
TROJ_GEN.F47V0218, TROJ_GEN.F47V0220, TROJ_GEN.F47V0226, TROJ_GEN.F47V0227, TROJ_GEN.F47V0309, TROJ_GEN.F47V0313, TROJ_GEN.F47V0320
85.19%

ESET NOD32
Win32/Amonetize.AD (variant), Win32/Amonetize.AG (variant), Win32/Amonetize.AI (variant), Win32/Amonetize.AJ (variant), Win32/Amonetize.AO (variant)
85.19%

Reason Heuristics
PUP.Installer.Amonetizeltd.?, PUP.Installer.Amonetizeltd.N, Threat.Win.Reputation.IMP, PUP.Installer.ShetefSolutionsConsulting1998.n
81.48%

Fortinet FortiGate
Riskware/Amonetize, Adware/Amonetize
77.78%

McAfee Web Gateway
Adware-Amonetize!0A13695E904F, Adware-Amonetize!806486D56A37, Artemis!D781C2D445BA, Artemis!8CC2F0A16469, Artemis!113F36A23A03
74.07%

AhnLab V3 Security
PUP/Win32.Amonetiz, PUP/Win32.Amonetize
74.07%

avast!
Win32:Amonetize-F [PUP], Win32:Amonetize-J [PUP], Win32:Dropper-gen [Drp], Win32:Amonetize-N [PUP], Win32:PUP-gen [PUP]
70.37%

Sophos
Generic PUA BP, Amonetize, Generic PUA GM
62.96%

Kaspersky
not-a-virus:HEUR:AdWare.Win32.Amonetize, not-a-virus:AdWare.Win32.Amonetize, not-a-virus:HEUR:Adware.Win32.Amonetize
62.96%

VIPRE Antivirus
Amonetize, Trojan.Win32.Generic
59.26%

Qihoo 360 Security
HEUR/Malware.QVM01.Gen, Win32/Virus.Adware.932, HEUR/Malware.QVM10.Gen
59.26%

Dr.Web
Adware.Downware.1655, Adware.Downware.1575, Adware.Downware.2250, Adware.Downware.2467, Adware.Downware.2453, Adware.Downware.8012
55.56%

The domain www.singulardownload.com has been seen to resolve to the following 9 IP addresses.

ec2-107-20-210-63.compute-1.amazonaws.com
May 29, 2014

ec2-50-17-209-45.compute-1.amazonaws.com
May 29, 2014

ec2-50-17-206-16.compute-1.amazonaws.com
May 29, 2014

ec2-23-21-228-251.compute-1.amazonaws.com
May 29, 2014

ec2-54-235-68-127.compute-1.amazonaws.com
April 11, 2014

ec2-107-21-115-114.compute-1.amazonaws.com
April 11, 2014

ec2-54-235-189-159.compute-1.amazonaws.com
March 27, 2014

ec2-54-225-132-130.compute-1.amazonaws.com
March 14, 2014

ec2-54-225-181-84.compute-1.amazonaws.com
February 20, 2014

File downloads found at URLs served by www.singulardownload.com.

14 / 68    (PUP)

 
Latest 30 of 89 download URLs

The following 7 files have been seen to comunicate with www.singulardownload.com in live environments.

URL:
http://www.singulardownload.com/

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
Apache/2.2.15 (Red Hat) (PHP/5.3.3)

Detection Incidence by Country