4sd.files-download-71.com

Corp New Ventures Services

Domain Information

The domain 4sd.files-download-71.com, registered by Corp New Ventures Services, was initially registered in January of 2016 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Zurich, Zurich, Switzerland, on the RIPE Network Coordination Centre network.
Registrar:
DOMAINS OF ORIGIN, LLC

Server location:
Zurich, Switzerland (CH)

Create date:
Friday, January 22, 2016

Expires date:
Sunday, January 22, 2017

Updated date:
Friday, January 29, 2016

ASN:
AS40034 CONFLUENCE-NETWORK-INC - Confluence Networks Inc,VG

Scanner detections:
Detections (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.MaxigetLimited.Y, PUP.MaxigetLimited.P, PUP.MaxigetLimited.d, PUP.New IT Limited, PUP.New IT Limited.Maxiget.Bundler (M), PUP.New IT Limited.Maxiget.Installer (M), PUP.New IT Limited.Maxiget (M), PUP.New IT Limited.NewIT.Bundler (M), PUP.New IT Limited (M)
100.00%

ESET NOD32
Win32/4Shared.AC potentially unwanted application, Win32/4Shared.AE potentially unwanted application
33.33%

Dr.Web
Trojan.DownLoader11.47023, Adware.Downware.9208
33.33%

McAfee
4shared
33.33%

NANO AntiVirus
Trojan.Win32.Badur.djjutj, Riskware.Win32.Downware.djhyre
33.33%

Avira AntiVirus
TR/Agent.84000, APPL/4Shared.43944, APPL/Downloader.Gen4
33.33%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h, Downloader.Agent
33.33%

Panda Antivirus
Trj/Genetic.gen, Trj/Downloader.WKR
33.33%

Comodo Security
Application.Win32.4Shared.FG, Application.Win32.Maxiget.HSR
33.33%

Agnitum Outpost
PUA.4Shared
33.33%

IKARUS anti.virus
PUA.4Shared, Trojan.Win32.Badur
33.33%

K7 AntiVirus
Unwanted-Program , Trojan
25.00%

AhnLab V3 Security
Win-Trojan/Malpacked3.Gen, Trojan/Win32.Agent
25.00%

VIPRE Antivirus
Threat.4150696
25.00%

Lavasoft Ad-Aware
Gen:Variant.Strictor.70439, Gen:Variant.Application.Symmi.49456
16.67%

The domain 4sd.files-download-71.com has been seen to resolve to the following 4 IP addresses.

February 25, 2016

January 27, 2016

November 29, 2014

November 29, 2014

File downloads found at URLs served by 4sd.files-download-71.com.

1 / 68 (Adware)

1 / 68 (Adware)

1 / 68 (Adware)

1 / 68 (Adware)

1 / 68 (Adware)

1 / 68 (Adware)

1 / 68 (Adware)

26 / 68 (Adware)
https://4sd.files-download-71.com/.../Maple 9.5.exe  (6534e427349c6dd51449e6d67674877b)

12 / 68 (Adware)
https://4sd.files-download-71.com/.../???? ?????? & ???? ?????? ????? ???.exe  (وليد الشامي & راشد الماجد سافرت عني.exe)

14 / 68 (Adware)
https://4sd.files-download-71.com/.../4shared_Desktop.exe  (d14501e0be1ba591b99ac8cdd0cbdbda)

29 / 68 (Adware)

The following 2 files have been seen to communicate with 4sd.files-download-71.com in live environments.

URL:
http://4sd.files-download-71.com/

Web server:
Apache