home

www.win7zip.com

Amonetize ltd.

Domain Information

The domain www.win7zip.com registered by Rocketry BV was initially registered in July of 2015 through Moniker Online Services. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Jacksonville, Florida within the United States which resides on the Network Solutions, LLC network. The domain is associated with the publisher Amonetize ltd. who is located in Raanana, Alberta in Israel.
Registrar:
SANTIAMDOMAINS.COM LLC

Server location:
Florida, United States (US)

Create date:
Monday, July 13, 2015

Expires date:
Wednesday, July 13, 2016

Updated date:
Sunday, July 19, 2015

ASN:
AS6245 NETWORK-SOLUTIONS - InterNIC Registration Services,US

Root domain:
win7zip.com

Whois:
6 win7zip.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Amonetizeltd.P, PUP.Installer.Amonetizeltd.a, PUP.Installer.Amonetizeltd.j, PUP.Installer.Amonetizeltd.R, PUP.Installer.Amonetizeltd.f, PUP.Installer.Amonetizeltd.c, PUP.Installer.Amonetizeltd.F, PUP.Installer.Wilmaonline.BB
97.50%

Malwarebytes
PUP.Optional.InstallMonetizer, PUP.Optional.Amonetize.A, PUP.Optional.Downloader
92.50%

ESET NOD32
Win32/Amonetize (variant), Win32/Amonetize.AA (variant), Win32/Amonetize.AG (variant), Win32/Amonetize.AI (variant), Win32/Amonetize.AJ (variant)
87.50%

Dr.Web
Adware.Downware.1655, Adware.Downware.1729, Adware.Downware.1833, Adware.Downware.1575, Adware.Downware.2467, Adware.Downware.2206
85.00%

Avira AntiVirus
Adware/Amonetize.E.1, APPL/Amonetize.hsz, ADWARE/Adware.Gen2, Adware/Graftor.146078.139, APPL/Bundler.Amonetize.N.102, APPL/Amonetize.Z
75.00%

AVG
Skodna.Generic_c, MalSign.Generic, Generic_r, MalSign.Wilmo
75.00%

AhnLab V3 Security
PUP/Win32.Amonetiz, PUP/Win32.Amonetize
75.00%

VIPRE Antivirus
Amonetize, Trojan.Win32.Generic
70.00%

G Data
Application.Downloader.RB, Win32.Trojan.Agent.JLZ8M5, Win32.Trojan.Agent.Z7F99L, Win32.Application.Amonetize, Trojan.Generic.11059234
67.50%

avast!
Win32:Malware-gen, Win32:Dropper-gen [Drp], Win32:Amonetize-F [PUP], Win32:Amonetize-M [PUP], Win32:Amonetize-N [PUP], Win32:Amonetize-AM [PUP], Win32:Amonetize-CI [PUP]
62.50%

Kaspersky
not-a-virus:AdWare.Win32.Amonetize, not-a-virus:HEUR:AdWare.Win32.Amonetize, not-a-virus:Downloader.Win32.Agent
60.00%

McAfee
Artemis!E5C0DB008114, Artemis!D9450DCB35E7, Artemis!C8557B2600A3, Artemis!24D29F60583B, Adware-Amonetize!DAEFDB529DA8, Artemis!9AA35D1708F5, Artemis!962771705C3F, Artemis!34251EF03489, Artemis!D8B7A52661C3, Artemis!485DB2086583, PUP-FBM
57.50%

Baidu Antivirus
Adware.Win32.Amonetize
52.50%

MicroWorld eScan
Application.Downloader.RB, Trojan.Generic.11059234, Application.Bundler.Amonetize.D, Gen:Variant.Application.Bundler.Amonetize.8, Application.Bundler.Amonetize.N, Gen:Variant.Application.Bundler.Amonetize.12, Gen:Variant.Application.Bundler.Amonetize.14
50.00%

NANO AntiVirus
Trojan.Win32.Agent.cugffu, Riskware.Win32.Amonetize.cxiqpu, Riskware.Win32.Amonetize.dbyopz, Riskware.Win32.Amonetize.dcckkw
50.00%

The domain www.win7zip.com has been seen to resolve to the following 13 IP addresses.

198.46.51.188
198-46-51-188-na3.opsourcecloud.net
July 1, 2016

162.212.2.136
162-212-2-136-na1.opsourcecloud.net
July 1, 2016

198.46.51.193
198-46-51-193-na3.opsourcecloud.net
May 25, 2016

162.212.2.137
162-212-2-137-na1.opsourcecloud.net
May 25, 2016

205.178.189.129
underconstruction.networksolutions.com
May 18, 2016

54.72.9.51
ec2-54-72-9-51.eu-west-1.compute.amazonaws.com
February 1, 2016

54.245.104.86
ec2-54-245-104-86.us-west-2.compute.amazonaws.com
December 1, 2014

54.214.6.146
ec2-54-214-6-146.us-west-2.compute.amazonaws.com
August 22, 2014

54.214.247.254
ec2-54-214-247-254.us-west-2.compute.amazonaws.com
August 13, 2014

54.244.225.147
ec2-54-244-225-147.us-west-2.compute.amazonaws.com
April 30, 2014

54.214.5.255
ec2-54-214-5-255.us-west-2.compute.amazonaws.com
April 26, 2014

54.244.243.165
ec2-54-244-243-165.us-west-2.compute.amazonaws.com
March 14, 2014

50.112.112.223
ec2-50-112-112-223.us-west-2.compute.amazonaws.com
December 18, 2013

File downloads found at URLs served by www.win7zip.com.

26 / 68    (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.55&iaff1=9999&ci=3332&&capp=s7zip&ti1=[clickID]  (flashplayer__4369_i268913416_il14.exe)

8 / 68      (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.89&ci=9015&capp=s7zip&ti1=MR4&ti2=&ti3=  (tvapp__8821_i1234623581_il13.exe)

31 / 68    (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.89&ci=6619&capp=s7zip&ti1=[clickID]  (flashplayersetup__4651_i396843252_il31.exe)

10 / 68    (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.89&ci=6623&capp=s7zip&ti1=[clickID]  (7zip__6624_il1340.exe)

22 / 68    (PUP)
http://www.win7zip.com/direct-download.html?version=1.1.5.89&ci=6617&capp=s7zip&ti1=[clickID]  (flashplayersetup__4651_i650723679_il9.exe)

22 / 68    (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.89&ci=6626&capp=s7zip&ti1=MR4&ti2=&ti3=  (tvapp__8821_i1002990161_il9.exe)

9 / 68      (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.55&ci=3551&capp=s7Zip  (7zip__2817_il217.exe)

14 / 68    (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.89&ci=9250&capp=s7zip&ti1=TR_02C1JAKzzAFHCH5  (flashplayer__4072_i1230137598_il1.exe)

18 / 68    (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.89&ci=9015&capp=s7zip&ti1=MR4_2&ti2=&ti3=  (flashplayer__6741_i1191534538_il28.exe)

26 / 68    (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.89&ci=9250&capp=s7zip&ti1=TR_02zc1lkdz7holje  (flashplayer__6741_i1100317437_il1.exe)

20 / 68    (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.89&ci=9250&capp=s7zip&ti1=TR_02zc1lklz7gapgq  (flashplayersetup__4651_i1096618127_il1.exe)

19 / 68    (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.89&ci=9250&capp=s7zip&ti1=TR_02zc1lklz7dshbd  (tvapp__8821_i1088818374_il19.exe)

23 / 68    (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.89&ci=9250&capp=s7zip&ti1=TR_02zbvqkjz6m2rnd  (flashplayer__6114_i1045128933_il54.exe)

10 / 68    (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.89&ci=9250&capp=s7zip&ti1=TR_02zbvqklz6g9r40  (flashplayersetup__7824_i1025273347_il2.exe)

23 / 68    (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.89&ci=9250&capp=s7zip&ti1=TR_02zc0gf6z6m4md0  (flashplayer__6114_i1045128933_il54.exe)

15 / 68    (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.89&ci=9250&capp=s7zip&ti1=TR_02zbvqklz6uig26  (flashplayer__4072_i1063992166_il54.exe)

8 / 68      (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.89&ci=9250&capp=s7zip&ti1=TR_02zbvqklz6dq2q5  (7zip__9250_i1017197797_il271.exe)

8 / 68      (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.89&ci=9250&capp=s7zip&ti1=TR_02zbvqklz6f4itm  (7zip__9250_i1021862755_il271.exe)

16 / 68    (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.55&ci=2156&&capp=s7zip&ti1=102ed10da20aceb73264e11fc0fb8f  (extratorrent.download__2570_i151069343_il7.exe)

12 / 68    (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.89&ci=6626&capp=s7zip&ti1=MR4_2&ti2=&ti3=  (7zip__6626_i1131977128_il60.exe)

10 / 68    (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.89&ci=6624&capp=s7zip&ti1=[clickID]  (7zip__6624_il1340.exe)

12 / 68    (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.55&ci=4629&&capp=s7zip&ti1=[clickID]  (flashplayer__4369_i408772010_il280.exe)

16 / 68    (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.55&ci=3611&&capp=s7zip&ti1=[clickID]  (extratorrent.download__2570_i151069343_il7.exe)

14 / 68    (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.55&ci=2817&capp=s7Zip  (mediaplayer__6394_i390295246_il343.exe)

11 / 68    (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.55&iaff1=9942&ci=3105&&capp=s7zip&ti1=[clickID]  (flashplayer__2570_i140621249_il7.exe)

11 / 68    (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.55&iaff1=9942&ci=3641&&capp=s7zip&ti1=[clickID]  (setup.exe)

13 / 68    (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.89&ci=6621&capp=s7zip&ti1=[clickID]  (7zip__6621_il77.exe)

2 / 68      (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.89&ci=6626&capp=s7zip&ti1=gs_arab  (7zip__6623_il1340.exe)

16 / 68    (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.55&ci=2156&&capp=s7zip&ti1=1025439686186f47bd8e48d8b81fec  (extratorrent.download__2570_i151069343_il7.exe)

9 / 68      (Adware)
http://www.win7zip.com/direct-download.html?version=1.1.5.55&ci=3611&&capp=s7zip&ti1=[download-needfile]  (7zip__3331_il49.exe)

 
Latest 30 of 53 download URLs

The following 230 files have been seen to comunicate with www.win7zip.com in live environments.

TCP » 54.72.9.51:80
toolbarupdaterservice.exe

TCP » 54.72.9.51:80
hdnInstaller.exe (hdnInstaller)

TCP » 54.72.9.51:80
onedrvup.exe

TCP » 54.72.9.51:80
hdnInstaller.exe (hdnInstaller)

TCP » 54.72.9.51:80
247843.ftf (Optimizer Pro v3.2 by PC Utilities Software Limited)

TCP » 54.72.9.51:80
1799877.exe

TCP » 54.72.9.51:80
IEError.exe (IEError)

TCP » 54.72.9.51:80
install_flashplayer14x32_x64md_aaa_aih.exe (bon joueur)

TCP » 54.72.9.51:80
optimizerproinstaller.exe (Optimizer Pro v3.2 by PCUtilities Software Limited)

TCP » 54.72.9.51:80
charles.exe (by Apple)

TCP » 54.72.9.51:80
onedrv.exe

TCP » 54.72.9.51:80
IEError.exe (IEError)

TCP » 54.72.9.51:80
updater27793.exe (CouponDropDown Plugin by Innovative Apps)

TCP » 54.72.9.51:80
install_flashplayer16x33_masp_aaa_aih.exe (by Apple)

TCP » 54.72.9.51:80
toolbarupdaterservice.exe

TCP » 54.72.9.51:80
hdnInstaller.exe (hdnInstaller)

TCP » 54.72.9.51:80
g.jpg

TCP » 54.72.9.51:80
smlb.jpg

TCP » 54.245.104.86:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 54.72.9.51:80
smlb.jpg

 
Latest 20 of 239 files

URL:
http://www.win7zip.com/

Title:
“win7zip.com”

Title (12/18/2013):
“7-Zip”

Title (8/13/2014):
“7-Zip - Download Free”

Web server:
nginx

amonetize.com

aminst.net

wilddownload.com

recentdownload.com

otherdownload.com

askdownload.com

reallydownload.com

amusingdownload.com

activemonetizer.com

winvlc.com

doanesoftware.com

rightfuldownload.com

guidetodownload.com

winflashplayer.com

zyaada.com

wintvapp.com

nationaldownload.com

transdownload.com

burstingdownload.com

reliabletrusteddownloads.com

thankdownload.com

averagedownload.com

intactdownload.com

normaldownload.com

easyfiledownloads.net

eachdownload.com

accuratedownload.com

angibledownload.com

shortestdownload.com

downloadnowww.com

30 of 30 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.