The domain yourinstaller.com registered by Whois Privacy Corp. was initially registered in March of 2014 through INTERNET.BS CORP.. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform. The domain is associated with the publisher Adknowledge.
INTERNET DOMAIN SERVICE BS CORP
Virginia, United States (US)
Friday, March 21, 2014
Monday, March 21, 2016
Saturday, December 12, 2015
AS14618 AMAZON-AES - Amazon.com, Inc.
Detections (100% detected)
PUP.Adknowledge.INSTALLTHIS.Installer (M), PUP.Adknowledge.Bundler (M), PUP.Adknowledge.WARPINSTALLER.Installer (M), PUP.Adknowledge.FusionInstall.Installer (M), PUP.Adknowledge.FUSIONINSTALLER.Installer (M), PUP.Adknowledge.WARPINSTALL.Installer (M), PUP.Adknowledge.FileFalcon.Bundler (M), PUP.iBryte.Bundler
PUA.Agent, PUA.iBryte, PUA.Downloader
iBryte Optimum Installer, PUA 'iBryte Optimum Installer', PUA.iBryte Optimum Installer
Trojan.Packed.27999, Trojan.DownLoader11.25708, Trojan.Packed.26508, Trojan.Packed.27146, Trojan.Packed.26807, Trojan.Packed.27034
Threat.4778314, Threat.4150696, Threat.4733199, Optimum Installer, Trojan.Win32.Generic
ADWARE/Adware.Gen7, APPL/OptInstall.zaxz, APPL/OptInstal.opwb, Adware/iBryte.bxjq, Adware/iBryte.Z, Adware/iBryte.bxlo
PE:Malware.iBryte!6.192B, PE:Malware.Agent!6.175E, PE:Malware.iBryte!6.197B, PE:Malware.iBryte!6.14B5
Adware AdPlugin, Generic_s
Qihoo 360 Security
not-a-virus:AdWare.Win32.iBryte, Trojan.Win32.Badur, not-a-virus:Downloader.Win32.Agent, HEUR:Trojan.Win32.Generic
Win32.Troj.Badur.hr.(kcloud), Win32.Troj.iBryte.j.(kcloud), Win32.Troj.Generic.a.(kcloud), Win32.Troj.DownAgent.bk.(kcloud)
K7 Gateway Antivirus
The domain yourinstaller.com has been seen to resolve to the following 4 IP addresses.
July 10, 2014
July 10, 2014
May 1, 2014
April 14, 2014
File downloads found at URLs served by yourinstaller.com.
The following file have been seen to comunicate with yourinstaller.com in live environments.