» www.ytddownloader.com
Overview
Analysis
IPs Addresses (5)
Downloads (5)
Network (118)
Website Detail
Statistics
Related Domains (2)

www.ytddownloader.com

Greentree Applications SRL

Domain Information

The domain www.ytddownloader.com registered by Greentree Applications SRL was initially registered in September of 2012 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Frankfurt Am Main, Hessen within Germany which resides on the RIPE Network Coordination Centre network.

Registrant:

Greentree Applications SRL

Registrar:

GODADDY.COM, LLC

Server location:

Hessen, Germany (DE)

Create date:

Tuesday, September 25, 2012

Expires date:

Sunday, September 25, 2016

Updated date:

Tuesday, December 4, 2012

ASN:

AS60781 LEASEWEB-NL LeaseWeb Netherlands B.V.,NL

Root domain:

ytddownloader.com

Whois:

1 ytddownloader.com record

Scanner detections:

Detections (94% detected)

Scan engine

Details

Detections

Reason Heuristics

Win32.Generic.GreenTreeApplicationssrl.Installer.Meta, PUP.Greentree.YTD.Installer.Installer.Meta (M), PUP.GreenTree.Installer.Meta (M), PUP.YTD.Installer.Installer.Meta (M), PUP.GreenTree (M), PUP.Greentree.YTD.Installer (M), PUP.YTD.Installer (M)

100.00%

Bkav FE

W32.HfsAdware

2.13%

Zillya! Antivirus

Adware.Agent.Win32.75599

2.13%

NANO AntiVirus

Riskware.Win32.AdLoad.dxemmd

2.13%

Dr.Web

Adware.Downware.10873

2.13%

McAfee

Artemis!8A5AE67E0CA6

2.13%

Malwarebytes

PUP.Optional.APNToolBar.A

2.13%

Vba32 AntiVirus

Backdoor.Sinowal

2.13%

Baidu Antivirus

Adware.Win32.AskToolbar

2.13%

ESET NOD32

Win32/Bundled.Toolbar.Ask.G potentially unsafe (variant)

2.13%

IKARUS anti.virus

PUA.Offer

2.13%

Fortinet FortiGate

Riskware/Ask

2.13%

avast!

Win32:Adware-gen [Adw]

2.13%

G Data

Win32.Adware.Spigot

2.13%

Quick Heal

AdWare.MSIL.g6 (Not a Virus)

2.13%

The domain www.ytddownloader.com has been seen to resolve to the following 5 IP addresses.

5.79.67.111

hosted-by.leaseweb.com

June 18, 2016

5.79.65.56

hosted-by.leaseweb.com

December 1, 2015

5.79.67.112

hosted-by.leaseweb.com

October 12, 2015

5.79.67.100

hosted-by.leaseweb.com

December 25, 2013

85.17.249.23

August 6, 2013

File downloads found at URLs served by www.ytddownloader.com.

1 / 68 (PUP)

http://www.ytddownloader.com/.../stub.php (ytdsetup.exe)

1 / 68 (PUP)

http://www.ytddownloader.com/.../YTDSetup.exe (50093717e72efaaa9e4e4efae590e7be)

24 / 68 (PUP)

http://www.ytddownloader.com/kits/.../YTDSetup.exe (621fb5fe63616c76540387b7e655bf70)

1 / 68 (PUP)

http://www.ytddownloader.com/.../SetupYTD.exe (ae4d431ff184c57b91bfab8f45f500b7)

0 / 68

http://www.ytddownloader.com/.../mac.php (ytdsetup.dmg)

The following 118 files have been seen to comunicate with www.ytddownloader.com in live environments.

TCP » 5.79.67.111:80

ytdsetup.exe (YTD Video Downloader by GreenTree Applications SRL)

TCP » 5.79.67.111:80

ytdsetup.exe (YTD Video Downloader by GreenTree Applications SRL)

TCP » 5.79.67.111:80

ytdsetup.exe (YTD Video Downloader by GreenTree Applications SRL)

TCP » 5.79.67.111:80

ytdsetup.exe (YTD Video Downloader by GreenTree Applications SRL)

TCP » 5.79.67.111:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 5.79.67.111:80

ytdinstaller.exe (YTD Video Downloader)

TCP » 5.79.67.111:80

ytdsetup.exe (YTD Video Downloader by GreenTree Applications SRL)

TCP » 5.79.67.111:80

ytdsetup.exe (YTD Video Downloader by GreenTree Applications SRL)

TCP » 5.79.67.111:80

ytdsetup.exe (YTD Video Downloader by GreenTree Applications SRL)

TCP » 5.79.67.111:80

ytdsetup.exe (YTD Video Downloader by GreenTree Applications SRL)

TCP » 5.79.67.111:80

browserairexec.exe (BrowserAir by Goobzo)

TCP » 5.79.67.111:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 5.79.67.111:80

ytdsetup.exe (YTD Video Downloader by GreenTree Applications SRL)

TCP » 5.79.67.111:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 5.79.67.111:80

ytdsetup.exe (YTD Video Downloader by GreenTree Applications SRL)

TCP » 5.79.67.111:80

ytdsetup.exe (YTD Video Downloader by GreenTree Applications SRL)

TCP » 5.79.67.111:80

ytdsetup.exe (YTD Video Downloader by GreenTree Applications SRL)

TCP » 5.79.67.111:80

citrio.exe (Citrio by CatalinaGroup)

TCP » 5.79.67.111:80

ytdsetup.exe (YTD Video Downloader by GreenTree Applications SRL)

TCP » 5.79.67.111:80

ytdsetup.exe (YTD Video Downloader by GreenTree Applications SRL)

Latest 20 of 131 files

URL:

http://www.ytddownloader.com/

Google Analytics:

UA-25210420

Title:

“YTD Video Converter”

Web server:

nginx

Facebook:

Likes: 17,378

Shares: 72,107

Comments: 1,552

Compete.com:

US visitors: 180,797

Statistics are for the previous month.

Related Domains

youtubedownloadersite.com

ytdinstaller.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.