home

24upgradecheck.install4freealways.online

Domain Information

Server location:
Ile-De-France, France (FR)

ASN:
AS12876 AS12876 ONLINE S.A.S., FR

Root domain:
install4freealways.online

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Norman
Gen:Variant.MSILPerseus.30942
66.67%

Reason Heuristics
PUP.DigitalZ.Installer (M), PUP.OOOELEKT.Installer (M)
66.67%

ESET NOD32
MSIL/TrojanDownloader.Adload.AZ trojan
33.33%

F-Secure
Variant.MSILPerseus.30942
33.33%

The domain 24upgradecheck.install4freealways.online has been seen to resolve to the following IP address.

163.172.197.165
163-172-197-165.rev.poneytelecom.eu
June 5, 2016

File downloads found at URLs served by 24upgradecheck.install4freealways.online.

1 / 68      (PUP)
http://24upgradecheck.install4freealways.online/dl.php?mncs=Ng4WtNxhGPEQZdqC1dWAshWscO8dCXLx14dzm1z-R-E.&cid=178044490051&sid=332522&conversion_id=14634211216174&app_id=4&lp_id=1681&v=tribat&stub_id=305&v_id=uJc9Zc5KFQ_UcGudmLoUm0pQWHKs5B3-4MvbiQSdZVs.&lpp=w10*-*-*  (adobe_flash_player.exe)

2 / 68      (PUP)
http://24upgradecheck.install4freealways.online/dl.php?mncs=Ng4WtNxhGPEQZdqC1dWAshWscO8dCXLx14dzm1z-R-E.&cid=177960854974&sid=26518&conversion_id=14632562013535&app_id=4&lp_id=1609&v=tribat&stub_id=305&v_id=DMPtmxTyHN0ZKX6zNnsnFzUQDKOXIlhQfLL0DiZO-8k.&lpp=*-*-*  (flash_player_setup.exe)

1 / 68      (PUP)
http://24upgradecheck.install4freealways.online/dl.php?mncs=Ng4WtNxhGPEQZdqC1dWAshWscO8dCXLx14dzm1z-R-E.&cid=192451425693&sid=320429&conversion_id=14634093689174&app_id=4&lp_id=1675&v=tribat&stub_id=305&v_id=D-cfI_q3Z-ebK3nh0ss67SbcylSraDiITu3TGgVKeSo.&lpp=w10*-*-*  (adobe_flash_player.exe)

1 / 68      (PUP)
http://24upgradecheck.install4freealways.online/dl.php?mncs=Ng4WtNxhGPEQZdqC1dWAshWscO8dCXLx14dzm1z-R-E.&cid=193779878042&sid=3571&conversion_id=14634421676744&app_id=4&lp_id=1671&v=tribat&stub_id=305&v_id=UlucXUFHuiGHD1bM98kH5u9aUGuvSxepbBYJJOb3Zfc.&lpp=w10*-*-*  (adobe_flash_player.exe)

3 / 68      (Malware)
http://24upgradecheck.install4freealways.online/dl.php?mncs=Ng4WtNxhGPEQZdqC1dWAshWscO8dCXLx14dzm1z-R-E.&cid=192800147572&sid=621779&conversion_id=14632744424441&app_id=4&lp_id=1609&v=tribat&stub_id=305&v_id=BTwMk1EB2enzK4vxW7zPPldMYTV28ZWw0jG_uY_mjGU.&lpp=*-*-*  (flash_player_setup.exe)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.