The domain captdownload.com is registered by proxy through TUCOWS DOMAINS INC. and was originally registered in July 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are hosted in Ashburn, Virginia, in the United States, on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrant: Contact Privacy Inc. Customer 0135242611
Registrar: TUCOWS DOMAINS INC.
Server location: Virginia, United States (US)
Create date: Wednesday, July 31, 2013
Expires date: Sunday, July 31, 2016
Updated date: Friday, August 7, 2015
ASN: AS14618 AMAZON-AES - Amazon.com, Inc.,US
Scanner detections:
Detections (97% detected)
Scan engine | Details | Detections
Reason Heuristics | PUP.Installer.INSTALLTHIS.R, Threat.Win.Reputation.IMP, PUP.Installer.BootCompute.F, PUP.Systweak.TUNEUPPR.Installer.Meta (L), PUP.Installer.TigerDownload.R, PUP.Installer.BootCompute.R, PUP.Systweak.SUPERTUN.Installer.Meta (M), PUP.Bundler.Adknowledge, PUP.Adknowledge.BootCompute.Bundler (M), PUP.Adknowledge.INSTALLTHIS.Installer (M), PUP.Adknowledge.ComputeClient.Installer (M), PUP.Adknowledge.BootComp.Bundler (M), PUP.Adknowledge.INSTALLT.Installer (M) | 100.00%
Avira AntiVirus | TR/Kazy.439479.2, ADWARE/iBryte.Gen4, BDS/Bredolab.bexys, Adware/iBryte.bxox, APPL/OpenInst.pepqu | 65.71%
Kaspersky | not-a-virus:Downloader.NSIS.Agent, Trojan-Clicker.Win32.Agent, not-a-virus:Downloader.Win32.Agent, Backdoor.Win32.Bredolab | 62.86%
VIPRE Antivirus | Threat.4778314, Threat.4798837 | 60.00%
Comodo Security | Application.Win32.IBryte.AR, Application.Win32.AgentCV.HWYE, Application.Win32.Optimum.DS | 60.00%
AhnLab V3 Security | PUP/Win32.IBryte, Adware/Win32.IBryte | 60.00%
Vba32 AntiVirus | Downloader.Agent, AdWare.iBryte, suspected of Trojan.Downloader.gen.h, Trojan.Buzus | 60.00%
AVG | Generic, Adware AdPlugin.ADG, Adware AdPlugin.ADQ, Adware AdPlugin.ABD, Trojan horse BackDoor.Generic18.BBZI, Adware AdPlugin.ADE | 60.00%
avast! | Win32:Adware-gen [Adw], Win32:Rootkit-gen [Rtk], Win32:PUP-gen [PUP] | 60.00%
Dr.Web | Trojan.Click3.5306, Adware.iBryte.480, Trojan.DownLoader11.30244, Trojan.DownLoader11.30479, Trojan.DownLoader11.43837, Trojan.DownLoader11.31696 | 60.00%
IKARUS anti.virus | Trojan-Clicker.BFNI, not-a-virus:AdWare.iBryte, Trojan.Win32.Inject, Trojan.Win32.Buzus | 60.00%
NANO AntiVirus | Trojan.Win32.Adpeak.cumkpw, Trojan.Win32.Bredolab.dizbxn, Trojan.Win32.Badur.delgwh, Trojan.Win32.Buzus.dcusci | 60.00%
Zillya! Antivirus | Adware.iBryte.Win32.854, Backdoor.Bredolab.Win32.16161, Adware.iBryte.Win32.1629 | 60.00%
F-Prot | W32/A-c255719d, W32/A-518685a3, W32/A-4ab0b861 | 60.00%
Sophos | iBryte Optimum Installer, PUA.iBryte Optimum Installer, Mal/Inject-CEE | 57.14%
The domain captdownload.com has been seen to resolve to the following 11 IP addresses.
File downloads found at URLs served by captdownload.com.
Latest 30 of 36 download URLs
The following 4 files have been seen to communicate with captdownload.com in live environments.
URL: http://captdownload.com/
Network: Amazon Web Services (AWS), running an EC2 instance
Web server: Microsoft-IIS/8.5 (ASP.NET) (Version: 4.0.30319)