The domain 4su.files-download-73.com, registered by Corp New Ventures Services, was initially registered in January 2016 through GODADDY.COM, LLC. The domain has been known to host and distribute adware as well as other potentially unwanted software. Its hosting servers are located in West McLean, Virginia, United States, on the CloudFlare, Inc. network. The domain uses the CloudFlare CDN, a distributed domain name server service that uses a number of reverse proxy IP addresses (see below).
Registrant: Corp New Ventures Services
Server location: Virginia, United States (US)
Create date: Friday, January 22, 2016
Expires date: Sunday, January 22, 2017
Updated date: Friday, January 29, 2016
ASN: AS13335 CLOUDFLARENET - CloudFlare, Inc.,US
Scanner detections:
Detections (100% detected)
| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.MaxigetLimited.m, PUP.MaxigetLimited.X, PUP.MaxigetLimited.Y, PUP.MaxigetLimited.BB, PUP.NewITLimited.BB, PUP.NewITLimited.m, PUP.New IT Limited.Maxiget, PUP.New IT Limited.MGSoftware.Bundler (M), PUP.New IT Limited.Maxiget (M), PUP.New IT Limited.Maxiget.Bundler (M), PUP.New IT Limited.NewIT.Bundler (M), PUP.New IT Limited.MGSoftwa.Bundler (M), PUP.New IT Limited.MGSoftwa (M), PUP.New IT Limited (M) | 100.00% |
| Dr.Web | Adware.Downware.9045, Adware.Downware.9208, Trojan.DownLoader11.47023, Trojan.DownLoader11.50017, Adware.Downware.10732, Adware.Downware.9208 | 12.77% |
| ESET NOD32 | Win32/4Shared.Z potentially unwanted application, Win32/4Shared.AC potentially unwanted application, Win32/4Shared.AE potentially unwanted application | 12.77% |
| McAfee | 4shared, Program.4shared | 12.77% |
| NANO AntiVirus | Riskware.Win32.ArchSMS.dipmvj, Riskware.Win32.Downware.djhyre, Trojan.Win32.Badur.djjutj, Trojan.Win32.Badur.djxstg | 12.77% |
| Avira AntiVirus | APPL/Downloader.Gen8, APPL/Downloader.Gen4, APPL/4Shared.zien, TR/Agent.41392, PUA/4Shared.Gen4 | 12.77% |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h, Downloader.4Shared | 12.77% |
| Agnitum Outpost | PUA.4Shared | 10.64% |
| G Data | Win32.Application.4Shared, Gen:Variant.Adware.Strictor.70439, Gen:Variant.Strictor.71861, Gen:Variant.Application.Symmi.49456 | 10.64% |
| Panda Antivirus | Trj/Genetic.gen | 10.64% |
| Kaspersky | not-a-virus:AdWare.Win32.Agent, Trojan.Win32.Badur | 8.51% |
| Lavasoft Ad-Aware | Gen:Variant.Adware.Strictor.70439, Gen:Variant.Strictor.71861, Gen:Variant.Application.Symmi.49456 | 8.51% |
| Emsisoft Anti-Malware | Gen:Variant.Adware.Strictor.70439, Gen:Variant.Strictor.71861, Gen:Variant.Application.Symmi.49456 | 8.51% |
| MicroWorld eScan | Gen:Variant.Adware.Strictor.70439, Gen:Variant.Strictor.71861, Gen:Variant.Application.Symmi.49456 | 8.51% |
| Bitdefender | Gen:Variant.Adware.Strictor.70439, Gen:Variant.Strictor.71861, Gen:Variant.Application.Symmi.49456 | 8.51% |
The domain 4su.files-download-73.com has been seen to resolve to the following 3 IP addresses.
File downloads found at URLs served by 4su.files-download-73.com.
Latest 30 of 47 download URLs
The following 2 files have been seen to communicate with 4su.files-download-73.com in live environments.
URL: http://4su.files-download-73.com/