home

cdn-s5.gdatafiles.net

Starline Alliance LTD.

Domain Information

The domain cdn-s5.gdatafiles.net registered by Starline Alliance LTD. was initially registered in October of 2014 through PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Austin, Texas within the United States which resides on the YHC Corporation network.
Registrar:
PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM

Server location:
Texas, United States (US)

Create date:
Friday, October 10, 2014

Expires date:
Monday, October 10, 2016

Updated date:
Sunday, October 11, 2015

ASN:
AS40034 CONFLUENCE-NETWORK-INC - Confluence Networks Inc,VG

Root domain:
gdatafiles.net

Whois:
2 gdatafiles.net records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.LABORATO.Installer (M), PUP (M)
100.00%

The domain cdn-s5.gdatafiles.net has been seen to resolve to the following 3 IP addresses.

209.99.40.223
209-99-40-223.fwd.datafoundry.com
October 29, 2015

209.99.40.222
209-99-40-222.fwd.datafoundry.com
October 28, 2015

185.36.100.166
October 20, 2014

File downloads found at URLs served by cdn-s5.gdatafiles.net.

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=t7054.0.0.2.1710ee6add35b16&file_name=DownloadFileSetup  (downloadfilesetup_37xqj.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=t2839.17990.0.2.3110cbc04719612&file_name=DownloadFileSetup  (downloadfilesetup_40uno.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=t8df5b.0.0.1.31108766c029320&file_name=DownloadFileSetup  (downloadfilesetup_242ef.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=t9f9a.17990.0.2.0211bda9a21e322&file_name=DownloadFileSetup  (downloadfilesetup_48lfv.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=ta28c.17990.0.2.23107dc0df72017&file_name=DownloadFileSetup  (downloadfilesetup_79jwz.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=ta28c.17990.0.2.011161234c65906&file_name=DownloadFileSetup  (downloadfilesetup_28lj1.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=tcaca.17990.0.2.2410ba653cac117&file_name=DownloadFileSetup  (downloadfilesetup_94ypa.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=t9f9a.17990.0.2.0211fa0ceb1ba22&file_name=DownloadFileSetup  (downloadfilesetup_008k3.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=ta28c.17990.0.2.3110253071ab421&file_name=DownloadFileSetup  (downloadfilesetup_96u4l.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=ta28c.12712.0.2.191049162e01616&file_name=DownloadFileSetup  (downloadfilesetup_96v65.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=t9f9a.12712.0.2.2710b5e0c48a218&file_name=DownloadFileSetup  (downloadfilesetup_64d2k.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=ta28c.17990.0.2.2310b359c6cdb17&file_name=DownloadFileSetup  (downloadfilesetup_14wta.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=ta28c.12712.0.2.2210cdf22b1e818&file_name=DownloadFileSetup  (downloadfilesetup_708gl.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=t9f9a.17990.0.2.021197f08c56818&file_name=DownloadFileSetup  (downloadfilesetup_52nl4.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=t9f9a.17990.0.2.02111bf46d0d918&file_name=DownloadFileSetup  (downloadfilesetup_45wtm.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=ta28c.17045.0.2.1610e36de573219&file_name=DownloadFileSetup  (downloadfilesetup_04ki5.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=t9f9a.17990.0.2.0211c739e719515&file_name=DownloadFileSetup  (downloadfilesetup_16dbg.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=ta28c.12712.0.2.22106d448944e04&file_name=DownloadFileSetup  (downloadfilesetup_99osr.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=ta28c.12712.0.2.22106a24e4a1820&file_name=DownloadFileSetup  (downloadfilesetup_861g6.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=t9f9a.17990.0.2.021127bd8b83c16&file_name=DownloadFileSetup  (downloadfilesetup_63qvl.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=ta28c.12712.0.2.221043f4a3ae106&file_name=DownloadFileSetup  (downloadfilesetup_98rni.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=ta28c.12712.0.2.20104be66cde522&file_name=DownloadFileSetup  (downloadfilesetup_29jmh.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=ta28c.17990.0.2.2410bab4eae0212&file_name=DownloadFileSetup  (downloadfilesetup_515sv.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=t8df5b.0.0.1.1610f97113ccc02&file_name=DownloadFileSetup  (downloadfilesetup_95lim.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=ta28c.12712.0.2.241067153d7a005&file_name=DownloadFileSetup  (downloadfilesetup_83aov.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=ta28c.12712.0.2.20101eeae0ca906&file_name=DownloadFileSetup  (downloadfilesetup_45zaz.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=t9f9a.17990.0.2.0211187bc3f0919&file_name=DownloadFileSetup  (downloadfilesetup_28esb.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=t9f9a.17990.0.2.02110df27692322&file_name=DownloadFileSetup  (downloadfilesetup_18wmk.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=ta28c.12712.0.2.2210fdcae569a01&file_name=DownloadFileSetup  (downloadfilesetup_25mcs.exe)

1 / 68      (Adware)
http://cdn-s5.gdatafiles.net/fp/.../?carrier_cmd_uri=&referral=ta28c.12712.0.2.21107df0c5e0520&file_name=DownloadFileSetup  (downloadfilesetup_34d8w.exe)

 
Latest 30 of 382 download URLs

The following 57 files have been seen to comunicate with cdn-s5.gdatafiles.net in live environments.

TCP » 209.99.40.222:80
UCBrowser.exe (by UCWeb)

TCP » 209.99.40.223:80
UCBrowser.exe (by UCWeb)

TCP » 209.99.40.223:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 209.99.40.222:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 209.99.40.222:80
ContentFinder.exe (ContentFinder by ContentFinder Software)

TCP » 209.99.40.222:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 209.99.40.222:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 209.99.40.222:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 209.99.40.222:80
hkcmd.exe (Intel Common User Interface by Intel)

TCP » 209.99.40.222:80
ContentFinder.exe (ContentFinder by DigitalSoftware Group)

TCP » 209.99.40.223:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 209.99.40.222:80
jingling.exe

TCP » 209.99.40.222:80
online-guardian-v2.0.9.exe

TCP » 209.99.40.223:80
jingling.exe

TCP » 209.99.40.223:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 209.99.40.223:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 209.99.40.223:80
hkcmd.exe (Intel Common User Interface by Intel)

TCP » 209.99.40.222:80
msn.exe

TCP » 209.99.40.222:80
apptrailers.exe

TCP » 209.99.40.223:80
online-guardian-v2.0.9.exe

 
Latest 20 of 83 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.