www.win7zip.com

Amonetize ltd.

Domain Information

The domain www.win7zip.com registered by Rocketry BV was initially registered in July of 2015 through Moniker Online Services. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Jacksonville, Florida within the United States which resides on the Network Solutions, LLC network. The domain is associated with the publisher Amonetize ltd. who is located in Raanana, Alberta in Israel.
Registrar:
SANTIAMDOMAINS.COM LLC

Server location:
Florida, United States (US)

Create date:
Monday, July 13, 2015

Expires date:
Wednesday, July 13, 2016

Updated date:
Sunday, July 19, 2015

ASN:
AS6245 NETWORK-SOLUTIONS - InterNIC Registration Services,US

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Amonetizeltd.P, PUP.Installer.Amonetizeltd.a, PUP.Installer.Amonetizeltd.j, PUP.Installer.Amonetizeltd.R, PUP.Installer.Amonetizeltd.f, PUP.Installer.Amonetizeltd.c, PUP.Installer.Amonetizeltd.F, PUP.Installer.Wilmaonline.BB
97.50%

Malwarebytes
PUP.Optional.InstallMonetizer, PUP.Optional.Amonetize.A, PUP.Optional.Downloader
92.50%

ESET NOD32
Win32/Amonetize (variant), Win32/Amonetize.AA (variant), Win32/Amonetize.AG (variant), Win32/Amonetize.AI (variant), Win32/Amonetize.AJ (variant)
87.50%

Dr.Web
Adware.Downware.1655, Adware.Downware.1729, Adware.Downware.1833, Adware.Downware.1575, Adware.Downware.2467, Adware.Downware.2206
85.00%

Avira AntiVirus
Adware/Amonetize.E.1, APPL/Amonetize.hsz, ADWARE/Adware.Gen2, Adware/Graftor.146078.139, APPL/Bundler.Amonetize.N.102, APPL/Amonetize.Z
75.00%

AVG
Skodna.Generic_c, MalSign.Generic, Generic_r, MalSign.Wilmo
75.00%

AhnLab V3 Security
PUP/Win32.Amonetiz, PUP/Win32.Amonetize
75.00%

VIPRE Antivirus
Amonetize, Trojan.Win32.Generic
70.00%

G Data
Application.Downloader.RB, Win32.Trojan.Agent.JLZ8M5, Win32.Trojan.Agent.Z7F99L, Win32.Application.Amonetize, Trojan.Generic.11059234
67.50%

avast!
Win32:Malware-gen, Win32:Dropper-gen [Drp], Win32:Amonetize-F [PUP], Win32:Amonetize-M [PUP], Win32:Amonetize-N [PUP], Win32:Amonetize-AM [PUP], Win32:Amonetize-CI [PUP]
62.50%

Kaspersky
not-a-virus:AdWare.Win32.Amonetize, not-a-virus:HEUR:AdWare.Win32.Amonetize, not-a-virus:Downloader.Win32.Agent
60.00%

McAfee
Artemis!E5C0DB008114, Artemis!D9450DCB35E7, Artemis!C8557B2600A3, Artemis!24D29F60583B, Adware-Amonetize!DAEFDB529DA8, Artemis!9AA35D1708F5, Artemis!962771705C3F, Artemis!34251EF03489, Artemis!D8B7A52661C3, Artemis!485DB2086583, PUP-FBM
57.50%

Antiy Labs AVL
RiskWare[Downloader:not-a-virus]/Win32.Agent, GrayWare[AdWare:not-a-virus,HEUR]/Win32.Amonetize, Trojan/Win32.TSGeneric
55.00%

McAfee Web Gateway
Artemis!E5C0DB008114, Artemis!D9450DCB35E7, Artemis!C8557B2600A3, Artemis!24D29F60583B, Artemis!9AA35D1708F5, Adware-Amonetize!E3A0D9872AD1
52.50%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud), Win32.Troj.DownAgent.bj.(kcloud), Win32.Troj.Amonetize.b.(kcloud), Win32.Troj.Amonetize.a.(kcloud)
52.50%

The domain www.win7zip.com has been seen to resolve to the following 13 IP addresses.

198-46-51-188-na3.opsourcecloud.net
July 1, 2016

162-212-2-136-na1.opsourcecloud.net
July 1, 2016

198-46-51-193-na3.opsourcecloud.net
May 25, 2016

162-212-2-137-na1.opsourcecloud.net
May 25, 2016

underconstruction.networksolutions.com
May 18, 2016

ec2-54-72-9-51.eu-west-1.compute.amazonaws.com
February 1, 2016

ec2-54-245-104-86.us-west-2.compute.amazonaws.com
December 1, 2014

ec2-54-214-6-146.us-west-2.compute.amazonaws.com
August 22, 2014

ec2-54-214-247-254.us-west-2.compute.amazonaws.com
August 13, 2014

ec2-54-244-225-147.us-west-2.compute.amazonaws.com
April 30, 2014

ec2-54-214-5-255.us-west-2.compute.amazonaws.com
April 26, 2014

ec2-54-244-243-165.us-west-2.compute.amazonaws.com
March 14, 2014

ec2-50-112-112-223.us-west-2.compute.amazonaws.com
December 18, 2013

File downloads found at URLs served by www.win7zip.com.

35 / 68    (Adware)

24 / 68    (PUP)

20 / 68    (Adware)

22 / 68    (Adware)

11 / 68    (Adware)

14 / 68    (Adware)

17 / 68    (Adware)

15 / 68    (Adware)

 
Latest 30 of 53 download URLs

The following 230 files have been seen to comunicate with www.win7zip.com in live environments.

TCP » 54.72.9.51:80

 
Latest 20 of 239 files

URL:
http://www.win7zip.com/

Title:
“win7zip.com”

Title (12/18/2013):
“7-Zip”

Title (8/13/2014):
“7-Zip - Download Free”

Web server:
nginx

30 of 30 related domains