www.win7zip.com

Amonetize ltd.

Domain Information

The domain www.win7zip.com, registered by PEJ Private Equity, was initially registered in July 2015 through Moniker Online Services. The domain has been known to host and distribute potentially unwanted software. Its servers are located in Dublin City, Ireland, on the Amazon Technologies Inc. network, and the domain uses the Amazon Web Services (AWS) cloud computing platform from the EU (Ireland) region datacenter. The domain is associated with the publisher Amonetize ltd., which is located in Raanana, Israel.
Remove Malware from www.win7zip.com - Powered by Reason Core Security
Registrar:
SANTIAMDOMAINS.COM LLC

Server location:
Dublin City, Ireland (IE)

Create date:
Monday, July 13, 2015

Expires date:
Wednesday, July 13, 2016

Updated date:
Sunday, July 19, 2015

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Amonetizeltd.P, PUP.Installer.Amonetizeltd.a, PUP.Installer.Amonetizeltd.j, PUP.Installer.Amonetizeltd.R, PUP.Installer.Amonetizeltd.f, PUP.Installer.Amonetizeltd.c, PUP.Installer.Amonetizeltd.F, PUP.Installer.Wilmaonline.BB
97.22%

Malwarebytes
PUP.Optional.InstallMonetizer, PUP.Optional.Amonetize.A, PUP.Optional.Downloader
91.67%

Dr.Web
Adware.Downware.1655, Adware.Downware.1729, Adware.Downware.1833, Adware.Downware.1575, Adware.Downware.2467, Adware.Downware.5546
86.11%

ESET NOD32
Win32/Amonetize (variant), Win32/Amonetize.AA (variant), Win32/Amonetize.AG (variant), Win32/Amonetize.AI (variant), Win32/Amonetize.AJ (variant)
86.11%

VIPRE Antivirus
Amonetize, Trojan.Win32.Generic
72.22%

Avira AntiVirus
Adware/Amonetize.E.1, APPL/Amonetize.hsz, APPL/Amonetize.aaounb, ADWARE/Adware.Gen2, Adware/Graftor.146078.139, APPL/Bundler.Amonetize.N.102
72.22%

AVG
Skodna.Generic_c, MalSign.Generic, Generic_r, MalSign.Wilmo
72.22%

AhnLab V3 Security
PUP/Win32.Amonetiz, PUP/Win32.Amonetize
72.22%

G Data
Application.Downloader.RB, Win32.Trojan.Agent.JLZ8M5, Win32.Trojan.Agent.Z7F99L, Win32.Application.Amonetize, Gen:Variant.Application.Bundler.Amonetize
66.67%

avast!
Win32:Malware-gen, Win32:Dropper-gen [Drp], Win32:Amonetize-F [PUP], Win32:Amonetize-M [PUP], Win32:Amonetize-N [PUP], Win32:Amonetize-AM [PUP], Win32:Amonetize-CI [PUP]
61.11%

McAfee
Artemis!E5C0DB008114, Artemis!D9450DCB35E7, Artemis!C8557B2600A3, Artemis!24D29F60583B, Adware-Amonetize!DAEFDB529DA8, Adware-Amonetize!FE5D847BE68B, Artemis!9AA35D1708F5, Artemis!962771705C3F, Artemis!34251EF03489, Artemis!D8B7A52661C3, Artemis!485DB2086583, PUP-FBM
58.33%

McAfee Web Gateway
Artemis!E5C0DB008114, Artemis!D9450DCB35E7, Artemis!C8557B2600A3, Artemis!24D29F60583B, Adware-Amonetize!FE5D847BE68B, Artemis!9AA35D1708F5
52.78%

Kaspersky
not-a-virus:AdWare.Win32.Amonetize, not-a-virus:HEUR:AdWare.Win32.Amonetize
52.78%

MicroWorld eScan
Application.Downloader.RB, Gen:Variant.Application.Bundler.Amonetize.8, Application.Bundler.Amonetize.N, Gen:Variant.Application.Bundler.Amonetize.11, Gen:Variant.Application.Bundler.Amonetize.12
47.22%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud), Win32.Troj.Amonetize.b.(kcloud), Win32.Troj.Amonetize.a.(kcloud), Win32.Troj.Amonetize.c.(kcloud)
47.22%

The domain www.win7zip.com has been seen to resolve to the following 8 IP addresses.

ec2-54-72-9-51.eu-west-1.compute.amazonaws.com
February 1, 2016

ec2-54-245-104-86.us-west-2.compute.amazonaws.com
December 1, 2014

ec2-54-214-6-146.us-west-2.compute.amazonaws.com
August 22, 2014

ec2-54-214-247-254.us-west-2.compute.amazonaws.com
August 13, 2014

ec2-54-244-225-147.us-west-2.compute.amazonaws.com
April 30, 2014

ec2-54-214-5-255.us-west-2.compute.amazonaws.com
April 26, 2014

ec2-54-244-243-165.us-west-2.compute.amazonaws.com
March 14, 2014

ec2-50-112-112-223.us-west-2.compute.amazonaws.com
December 18, 2013

File downloads found at URLs served by www.win7zip.com.

23 / 68    (Adware)

20 / 68    (Adware)

22 / 68    (Adware)

11 / 68    (Adware)

14 / 68    (Adware)

17 / 68    (Adware)

15 / 68    (Adware)

 
Latest 30 of 47 download URLs

The following 13 files have been seen to communicate with www.win7zip.com in live environments.

URL:
http://www.win7zip.com/

Title:
“win7zip.com”

Title (12/18/2013):
“7-Zip”

Title (8/13/2014):
“7-Zip - Download Free”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx

30 of 30 related domains
