ad.propellerads.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain ad.propellerads.com is registered by proxy through GODADDY.COM, LLC and was originally registered in May of 2011. This domain has been known to host and distribute adware as well as other potentially unwanted software. The servers are hosted in Utrecht, Utrecht, Netherlands, on the RIPE Network Coordination Centre network.
Registrar:
GODADDY.COM, LLC

Server location:
Utrecht, Netherlands (NL)

Create date:
Wednesday, May 25, 2011

Expires date:
Friday, May 25, 2018

Updated date:
Friday, August 21, 2015

ASN:
AS35415 WEBAZILLA Webazilla B.V.

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Amonetizeltd.a, PUP.Installer.Amonetizeltd.EE, PUP.Installer.Amonetizeltd.e, PUP.Wilmaonline.q, PUP.Installer.ShetefSolutionsConsulting1998.d, PUP.ExtendedSetup.c, PUP.PCFaster (L), Adware.Amonetize.Bundler (M), Threat.Win.Reputation.IMP, PUP.Amonetize.Bundler (M), PUP.installCore.WorldSet (M), PUP.Tuguu.Bundler (M), PUP.Adknowledge.FUSIONIN.Bundler (M), PUP.Amonetize.TEHSNABS.Bundler (M), PUP.Tuguu.Awimba.Bundler (M), PUP.installCore.Extended (M), PUP.TIMP.OOOTIMP1.Bundler (M), PUP.Tuguu.Cloverme.Bundler (M), PUP.Tuguu.LunacomI.Bundler (M), Adware.Amonetize.Installer.Installer.Meta (M)
97.73%

Malwarebytes
PUP.Optional.InstallMonetizer, PUP.Optional.Amonetize.A, PUP.Optional.InstallCore
50.00%

ESET NOD32
Win32/Amonetize (variant), Win32/Amonetize.AI (variant), Win32/Amonetize.AG (variant), Win32/Amonetize.AJ (variant), Win32/InstallCore.IS (variant)
47.73%

Avira AntiVirus
Adware/Amonetize.E.1, APPL/Amonetize.A, ADWARE/Adware.Gen2, ADWARE/InstallCore.Gen7
45.45%

Trend Micro House Call
TROJ_GEN.F47V1118, TROJ_GEN.F47V1108, TROJ_GEN.F47V1114, TROJ_GEN.F47V0918, TROJ_GEN.F47V1029, TROJ_GEN.F47V0313, TROJ_GEN.F47V0304
43.18%

VIPRE Antivirus
Amonetize, Trojan.Win32.Generic, InstallCore
43.18%

Sophos
Amonetize, Install Core Click run software
40.91%

McAfee
Artemis!D9450DCB35E7, Artemis!0809F462F8DF, Artemis!61694A9BADE3, Artemis!EED95BD36931, Artemis!81BA3E147029, Artemis!37D9CDC1A4B3, Artemis!AC04B4FDAB43, PUP-FBM!EC904BB78BBD, PUP-FBM!8888DD336443, Artemis!B260F8AA3973, Artemis!373DB4089762
38.64%

Dr.Web
Adware.Downware.1729, Adware.Downware.1643, Adware.Downware.1339, Adware.Downware.1528, Adware.Downware.1575, Adware.Downware.2467
38.64%

AhnLab V3 Security
PUP/Win32.Amonetiz
36.36%

AVG
Skodna.Generic_c, MalSign.Generic, MalSign.Wilmo, Generic_r, MalSign.InstallC
31.82%

avast!
Win32:Amonetize-N [PUP], Win32:Amonetize-M [PUP], Win32:Amonetize-AK [PUP], Win32:Amonetize-AM [PUP], Win32:Amonetize-Y [PUP]
29.55%

Baidu Antivirus
Adware.Win32.Amonetize, PUA.Win32.Amonetize
27.27%

Fortinet FortiGate
Riskware/Amonetize, Adware/Amonetize, Riskware/InstallCore, MSIL/Kryptik.NM!tr
25.00%

Qihoo 360 Security
Win32/Virus.Adware.932, HEUR/Malware.QVM20.Gen
25.00%

The domain ad.propellerads.com has been seen to resolve to the following 9 IP addresses.

May 19, 2016

May 19, 2016

May 19, 2016

October 9, 2014

October 9, 2014

October 9, 2014

v-2-do15-d1260-205.webazilla.com
June 21, 2014

v-2-eu22-d951-46.webazilla.com
December 22, 2013

v-2-do13-d1175-109.webazilla.com
December 22, 2013

File downloads found at URLs served by ad.propellerads.com.

 
Latest 30 of 100 download URLs

The following 7 files have been seen to communicate with ad.propellerads.com in live environments.

URL:
http://ad.propellerads.com/

Title:
“Google”

Description:
“Search the world's information, including webpages, images, videos and more. Google has many special features to help you find exactly what you're looking for.”

SSL certificate subject:
CN=*.propellerads.com, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/resources/cps (c)15, OU=GT65295266

SSL certificate issuer:
CN=RapidSSL SHA256 CA - G3, O=GeoTrust Inc., C=US

Web server:
gws

Facebook:
Likes:  9,224,062
Shares:  10,272,140
Comments:  2,319,501

Statistics are for the previous month.