68174.get-wn.net

Starline Alliance LTD.

Domain Information

The domain 68174.get-wn.net registered by Starline Alliance LTD. was initially registered in September of 2014 through PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Amsterdam, Noord-Holland within Netherlands which resides on the DFW Internet Services, Inc. network.
Registrar:
PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM

Server location:
Noord-Holland, Netherlands (NL)

Create date:
Monday, September 22, 2014

Expires date:
Tuesday, September 22, 2015

Updated date:
Monday, September 22, 2014

ASN:
AS35415 WEBAZILLA Webazilla B.V.,NL

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Dr.Web
Trojan.Packed.29217
100.00%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4150696, Winner Solutions
100.00%

Bitdefender
Gen:Variant.Graftor.162037, Gen:Variant.Kazy.473220
100.00%

F-Secure
Gen:Variant.Graftor.162037, Gen:Variant.Kazy.473220
100.00%

Avira AntiVirus
APPL/Downloader.Gen4, TR/Kazy.2297856
100.00%

G Data
Gen:Variant.Graftor.162037, Gen:Variant.Kazy.473220
100.00%

ESET NOD32
Win32/bmMedia.DN (variant), Win32/bmMedia.EI
100.00%

AVG
Downloader, Win.Threat.Medium, Generic
100.00%

Reason Heuristics
PUP.SOFTON.h, PUP.Installer.SAASMIKRO.N
100.00%

avast!
Win32:Dropper-gen [Drp]
66.67%

Lavasoft Ad-Aware
Gen:Variant.Graftor.162037
66.67%

Emsisoft Anti-Malware
Gen:Variant.Graftor.162037
66.67%

F-Prot
W32/A-f5ab4d7a
66.67%

Qihoo 360 Security
Malware.QVM20.Gen
33.33%

MicroWorld eScan
Gen:Variant.Kazy.473220
33.33%

The domain 68174.get-wn.net has been seen to resolve to the following IP address.

November 2, 2014

File downloads found at URLs served by 68174.get-wn.net.

16 / 68    (Adware)

13 / 68    (Adware)

13 / 68    (Adware)

URL:
http://68174.get-wn.net/

Google Analytics:
UA-37292325

Title:
“DownloadFileSetup downloading...”

Web server:
nginx (PHP/5.3.10-1ubuntu3.9)