www.wonderfuldownload.com

Corp New Ventures Services

Domain Information

The domain www.wonderfuldownload.com registered by Corp New Ventures Services was initially registered in January of 2015 through Moniker Online Services. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon.com, Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Remove Malware from www.wonderfuldownload.com - Powered by Reason Core Security
Registrar:
NOTSOFAMOUSNAMES.COM LLC

Server location:
Virginia, United States (US)

Create date:
Monday, January 19, 2015

Expires date:
Tuesday, January 19, 2016

Updated date:
Friday, March 27, 2015

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Scanner detections:
Detections  (93% detected)

Scan engine
Details
Detections

Avira AntiVirus
W32/Sality.AT, ADWARE/Adware.Gen2
100.00%

Malwarebytes
PUP.Optional.Amonetize, PUP.Optional.Monetizer
96.43%

avast!
Win32:Amonetize-F [PUP], Win32:Amonetize-AX [PUP], Win32:Amonetize-BJ [PUP]
92.86%

Reason Heuristics
PUP.Installer.Amonetizeltd.EE, PUP.Installer.Amonetizeltd.DD, PUP.Installer.Amonetizeltd.h, Threat.Win.Reputation.IMP
92.86%

ESET NOD32
Win32/Amonetize.AD (variant), Win32/Amonetize.AG (variant), Win32/Amonetize.AO (variant), Win32/Amonetize.AS (variant)
89.29%

AhnLab V3 Security
PUP/Win32.Amonetiz
89.29%

Sophos
Amonetize
85.71%

Baidu Antivirus
Adware.Win32.Amonetize, Adware.Win32.ScrambleWrapper
85.71%

Dr.Web
Win32.Sector.21, Adware.Downware.1655, Adware.Downware.3925, Adware.Downware.3868
75.00%

VIPRE Antivirus
Amonetize, Threat.4785227, Trojan.Win32.Generic
75.00%

McAfee Web Gateway
Adware-Amonetize!837B29452906, Adware-Amonetize!ABB4E18C0F6D, Artemis!7050E7A1E35B, Heuristic.LooksLike.Win32.Suspicious.I
75.00%

McAfee
Adware-Amonetize!837B29452906, Adware-Amonetize!ABB4E18C0F6D, Artemis!7050E7A1E35B, Artemis!AF3BE0A2F776, Artemis!9037D4F76A3F, RDN/Generic PUP.x!c2a, Artemis!189B08670FA1, Artemis!E69D98308B58, PUP-FBM, PUP-FBM!F12E8D0B4991, PUP-FBM!116397B989EA
67.86%

AVG
MalSign.Generic, Generic_r, Adware Generic_r.MG
64.29%

Trend Micro House Call
TROJ_GEN.F47V0214, TROJ_GEN.F47V0219, TROJ_GEN.F47V0521, TROJ_GEN.F47V0513, TROJ_GEN.F47V0524, TROJ_GEN.F47V0525, TROJ_GEN.R0CBB01EO14
57.14%

Fortinet FortiGate
Riskware/Amonetize
57.14%

The domain www.wonderfuldownload.com has been seen to resolve to the following 6 IP addresses.

May 3, 2015

December 5, 2014

209.222.14.3.choopa.net
December 1, 2014

ec2-50-17-240-69.compute-1.amazonaws.com
May 23, 2014

ec2-107-21-115-114.compute-1.amazonaws.com
April 26, 2014

ec2-54-235-68-127.compute-1.amazonaws.com
April 26, 2014

File downloads found at URLs served by www.wonderfuldownload.com.

 
Latest 30 of 53 download URLs

The following 6 files have been seen to comunicate with www.wonderfuldownload.com in live environments.

URL:
http://www.wonderfuldownload.com/

Google Analytics:
UA-2249740

Title:
“Wonderfuldownload.com”

Description:
“Find Wonderful Life, POM Wonderful and more at Wonderfuldownload.com. Get the best of Wonderful Dress or Wonderful Graffiti, browse our section on Wonderful Windows or learn about Wonderful World. Wonderfuldownload.com is the site for Wonderful L...”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx (PHP/5.3.3-7+squeeze25)

30 of 298 related domains

Remove Malware from www.wonderfuldownload.com - Powered by Reason Core Security