www.socksharedownloader.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain www.socksharedownloader.com is registered by proxy through GODADDY.COM, LLC and was originally registered in November of 2012. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Remove Malware from www.socksharedownloader.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Thursday, November 15, 2012

Expires date:
Tuesday, November 15, 2016

Updated date:
Thursday, November 26, 2015

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC,US

Scanner detections:
Detections  (89% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.InstallLabltd.u, PUP.CoolMirage.e, PUP.CoolMirage.S, PUP.CoolMirageltd.EE, PUP.CoolMirage.Installer, PUP.CoolMirage.Installer (M)
100.00%

Malwarebytes
PUP.Optional.OneClickDownloader.A, PUP.BundleInstaller.DW
62.50%

Dr.Web
Adware.Yontoo.11, Adware.Downware.1263, Adware.Downware.902
62.50%

VIPRE Antivirus
Conduit, CoolMirage Ltd, Threat.4784938, Threat.4791953
62.50%

McAfee
Artemis!12C58D4249CA, Artemis!3056E0E13991, Adware-SweetIM, Program.Artemis!4B26755A38DF
50.00%

McAfee Web Gateway
Artemis!12C58D4249CA, Artemis!3056E0E13991, BehavesLike.Win32.AdwareSweet.dc, BehavesLike.Win32.AdwareSweet.gc
50.00%

Sophos
CoolMirage, FT Downloader, PUA 'CoolMirage'
50.00%

Panda Antivirus
PUP/MultiToolbar.A
37.50%

G Data
NSIS.Adware.OneClickDownloader, Gen:Application.Bundler.DefaultTab
25.00%

Qihoo 360 Security
Win32/Virus.Adware.47b
25.00%

avast!
Downloader-TPG [PUP], Oneclick-I [PUP]
25.00%

ESET NOD32
Win32/Adware.1ClickDownload.AM application, Win32/AdWare.1ClickDownload.AT application
25.00%

K7 AntiVirus
Adware
25.00%

K7 Gateway Antivirus
Adware
25.00%

NANO AntiVirus
Trojan.Script.Downware.cujzax, Riskware.Nsis.Downware.czyjkl
25.00%

The domain www.socksharedownloader.com has been seen to resolve to the following 6 IP addresses.

February 11, 2016

ip-50-63-202-34.ip.secureserver.net
December 26, 2015

ec2-176-34-107-151.eu-west-1.compute.amazonaws.com
June 19, 2015

ec2-54-241-253-59.us-west-1.compute.amazonaws.com
September 13, 2014

ec2-50-18-174-205.us-west-1.compute.amazonaws.com
May 1, 2014

ec2-184-169-175-49.us-west-1.compute.amazonaws.com
April 13, 2014

File downloads found at URLs served by www.socksharedownloader.com.

10 / 68    (Adware)

6 / 68      (Adware)

The following 7 files have been seen to comunicate with www.socksharedownloader.com in live environments.

URL:
http://www.socksharedownloader.com/

Title:
“socksharedownloader.com”

Web server:
Apache

Remove Malware from www.socksharedownloader.com - Powered by Reason Core Security