home

www.socksharedownloader.com

NameFind LLC

Domain Information

The domain www.socksharedownloader.com registered by NameFind LLC was initially registered in November of 2012 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Thursday, November 15, 2012

Expires date:
Tuesday, November 15, 2016

Updated date:
Friday, April 8, 2016

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC,US

Root domain:
socksharedownloader.com

Whois:
4 socksharedownloader.com records

Scanner detections:
Detections  (95% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.InstallLabltd.u, PUP.CoolMirage.e, PUP.CoolMirage.S, PUP.CoolMirageltd.EE, PUP.CoolMirage.Installer, PUP.CoolMirage.Installer (M)
95.00%

Dr.Web
Adware.Yontoo.11, Adware.Downware.1263, Adware.Downware.902, Trojan.Yontoo.3993
30.00%

McAfee
Artemis!12C58D4249CA, Artemis!3056E0E13991, Adware-SweetIM, Program.Artemis!4B26755A38DF, Program.Adware-SweetIM
25.00%

Malwarebytes
PUP.Optional.OneClickDownloader.A, PUP.BundleInstaller.DW
25.00%

VIPRE Antivirus
Conduit, CoolMirage Ltd, Threat.4784938, Threat.4791953
25.00%

Sophos
CoolMirage, FT Downloader, PUA 'CoolMirage'
25.00%

Panda Antivirus
PUP/MultiToolbar.A
15.00%

avast!
Downloader-TPG [PUP], Oneclick-I [PUP], Win32:Oneclick-I [PUP]
15.00%

ESET NOD32
Win32/Adware.1ClickDownload.AM application, Win32/AdWare.1ClickDownload.AT application, Win32/Adware.1ClickDownload.AX application
15.00%

G Data
NSIS.Adware.OneClickDownloader, Gen:Application.Bundler.DefaultTab
10.00%

Qihoo 360 Security
Win32/Virus.Adware.47b
10.00%

K7 AntiVirus
Adware
10.00%

NANO AntiVirus
Trojan.Script.Downware.cujzax, Riskware.Nsis.Downware.czyjkl
10.00%

Comodo Security
Application.Win32.MCool.A, Application.Win32.CoolMirage.AS
10.00%

Avira AntiVirus
APPL/CoolMirage.Gen6, PUA/1ClickDownload.Gen
10.00%

The domain www.socksharedownloader.com has been seen to resolve to the following 7 IP addresses.

208.73.211.70
April 9, 2016

141.8.224.239
February 11, 2016

50.63.202.34
ip-50-63-202-34.ip.secureserver.net
December 26, 2015

176.34.107.151
ec2-176-34-107-151.eu-west-1.compute.amazonaws.com
June 19, 2015

54.241.253.59
ec2-54-241-253-59.us-west-1.compute.amazonaws.com
September 13, 2014

50.18.174.205
ec2-50-18-174-205.us-west-1.compute.amazonaws.com
May 1, 2014

184.169.175.49
ec2-184-169-175-49.us-west-1.compute.amazonaws.com
April 13, 2014

File downloads found at URLs served by www.socksharedownloader.com.

1 / 68      (Adware)
http://www.socksharedownloader.com/.../Extraction.2014.HDRip.HebSub.XviD-Eliran_Gozlan-.avi.exe  (machine.gun.preacher.2011.readnfo.dvdrip.xvid-bida_hebsub_tamitos_www.nako.me.avi.exe)

1 / 68      (Adware)
http://www.socksharedownloader.com/download/product_download.php?file=http://www.sockshare.com/.../F9228D66200F7D69&name= www.GoParkIt.com -- You Get Free Cash and Coupons&pub=sockshare&sp=1  (_www.goparkit.exe)

1 / 68      (Adware)
http://www.socksharedownloader.com/download/product_download.php?file=http://www.sockshare.com/.../93ARYS5ZYL0CWSK&name=Love Dont Cost A Thing.avi&pub=sockshare&sp=1  (love_dont_cost_a_thing.exe)

1 / 68      (Adware)
http://www.socksharedownloader.com/download/product_download.php?file=http://www.sockshare.com/.../F9228D66200F7D69&name= www.GoParkIt.com -- You Get Free Cash and Coupons&pub=sockshare&sp=1  (_www.goparkit.exe)

1 / 68      (Adware)
http://www.socksharedownloader.com/download/product_download.php?file=http://www.sockshare.com/.../6231YKB30FKS4OW&name=Knight.Rider.2000.1991.DVDRip.XViD-SyntaX.avi&pub=sockshare&sp=1  (knight.rider.2000.1991.dvdrip.xvid-syntax.exe)

1 / 68      (Adware)
http://www.socksharedownloader.com/download/product_download.php?file=http://www.sockshare.com/.../4F0A2C2160FA4D3D&name=The.Green.Mile.1999.DVDRip.XviD.CD1-HEBSUB.WwW.HoRaDoT.NeT.avi&pub=sockshare&sp=1  (downloadsetup.exe)

1 / 68      (Adware)
http://www.socksharedownloader.com/download/product_download.php?file=http://www.sockshare.com/.../71835F5708D3DFF3&name=WIN.Harry.Potter.And.The.Deathly.Hallows.Part.1&pub=sockshare&sp=1  (win.harry.potter.and.the.deathly.hallows.part.exe)

1 / 68      (Adware)
http://www.socksharedownloader.com/download/product_download.php?file=http://www.sockshare.com/.../DF11F91273E5AAC2&name=Plum.Blossom.DVDRip.AC3.CD1.&pub=sockshare&sp=1  (plum.blossom.dvdrip.ac3.cd1.exe)

1 / 68      (Adware)
http://www.socksharedownloader.com/.../Mighty_Morphin_Power_Rangers_The_Movie.{DVDRip}{1995}{English}{Satellite.UK}.avi.exe  (7e869f50f1ee25330f6080e09ac05dc1)

1 / 68      (Adware)
http://www.socksharedownloader.com/download/product_download.php?file=http://www.sockshare.com/.../AA134F5908E87821&name=01_Fit_Test&pub=sockshare&sp=1  (01_fit_test.exe)

9 / 68      (PUP)
http://www.socksharedownloader.com/.../7HD-30627-Iwatchonline.to.mkv.exe  (01f3cf23a31fa7b1161869806fc9a74f)

9 / 68      (Adware)
http://www.socksharedownloader.com/.../7HD-30627-Iwatchonline.to.mp4.exe  (fick.meine.frau.16.avi.exe)

1 / 68      (Adware)
http://www.socksharedownloader.com/.../7HD-30627-Iwatchonline.to.mkv.exe  (a422c5470025e995d8a68ca83fd63272)

1 / 68      (Adware)
http://www.socksharedownloader.com/download/product_download.php?file=http://www.sockshare.com/.../8D7ABB834393AD59&name=Ted&pub=sockshare&sp=1  (ted.exe)

1 / 68      (Adware)
http://www.socksharedownloader.com/download/product_download.php?file=http://www.sockshare.com/.../106T1BUEAZ0J&name=Elf.avi&pub=sockshare&sp=1  (elf.exe)

1 / 68      (Adware)
http://www.socksharedownloader.com/download/product_download.php?file=http://www.sockshare.com/.../FC2FC4C49C18B40E&name=Ted.2012.BluRay.720p.x264.YIFY.mp4&pub=sockshare&sp=1  (ted.2012.bluray.720p.x264.yify.exe)

27 / 68    (Adware)
http://www.socksharedownloader.com/.../Snowpiercer.2014.BRRip.Xvid_Ac3-MiLLENiUM.HebSub.Eliran_Gozlan.avi.exe  (4b26755a38dfc00b679470b11f286c37)

15 / 68    (Adware)
http://www.socksharedownloader.com/download/product_download.php?file=http://www.sockshare.com/.../44527199F414E493&name=Hart.Of.Dixie.S01E02.HDTV.XviD-ASAP.avi&pub=sockshare&sp=1  (hart.of.dixie.s01e02.hdtv.xvid-asap.exe)

9 / 68      (Adware)
http://www.socksharedownloader.com/.../Fick.Meine.Frau.16.avi.exe  (3056e0e13991e3bb22bc75f7d77be7f2)

6 / 68      (Adware)
http://www.socksharedownloader.com/.../45646545454skriimv177incldawnggnd.rar.exe  (fc08fa2a250690d9399ac8aeb1d1846b)

7 / 68      (Adware)
http://www.socksharedownloader.com/.../HIMYM.S09E19.720p.www.thee-online-tv-show.blogspot.co.il.mp4.exe  (12c58d4249cadfb7fa81a32a215bf7a7)

0 / 68
http://www.socksharedownloader.com/.../3.Pirates.Of.The.Caribbean.A.W.E.2007.mkv.exe  (ff41125b7e98e605ba5004314fd43ca5)

The following 14 files have been seen to comunicate with www.socksharedownloader.com in live environments.

TCP » 50.63.202.34:80
online-guardian-v2.0.9.exe

TCP » 141.8.224.239:80
dislike.crx

TCP » 141.8.224.239:443
droppad.crx

TCP » 176.34.107.151:80
codec_pack_41505_ch.exe

TCP » 176.34.107.151:80
don't_starve_(dec_12).exe

TCP » 176.34.107.151:80
codec_pack_899301_ff.exe

TCP » 176.34.107.151:80
driver_genius_professional_v12_0_0_1314_incl_serial-p2p_265.exe

TCP » 176.34.107.151:80
codec_pack_226555_ch.exe

TCP » 176.34.107.151:80
voes8xr3.exe

TCP » 208.73.211.70:80
videostream-elfana.crx

TCP » 208.73.211.70:443
droppad.crx

TCP » 208.73.211.70:443
droppad.crx

TCP » 50.63.202.34:80
online-guardian-v2.exe

TCP » 50.63.202.34:80
ContentFinder.exe (ContentFinder by ContentFinder Software)

URL:
http://www.socksharedownloader.com/

Title:
“socksharedownloader.com”

Web server:
Apache

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.