home

cdn.premiumapplicationsdownloads.com

United Privacy Corp

Domain Information

The domain cdn.premiumapplicationsdownloads.com registered by United Privacy Corp was initially registered in August of 2015 through PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Beaumaris, Victoria within Australia which resides on the Asia Pacific Network Information Centre network.
Registrar:
NAMEPAL.COM, LLC

Server location:
Victoria, Australia (AU)

Create date:
Friday, August 21, 2015

Expires date:
Sunday, August 21, 2016

Updated date:
Thursday, February 18, 2016

ASN:
AS133618 TRELLIAN-AS-AP Trellian Pty. Limited,AU

Root domain:
premiumapplicationsdownloads.com

Whois:
2 premiumapplicationsdownloads.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.CoolAppDownloads.O, PUP.installCore.CoolAppDownloads.Installer (M), PUP.installCore.CoolAppD.Installer (M), PUP.installCore (M)
100.00%

Dr.Web
Trojan.MulDrop5.10078, Trojan.Packed.24524
12.50%

ESET NOD32
Win32/InstallCore.MU potentially unwanted application, Win32/InstallCore.MD potentially unwanted application
12.50%

VIPRE Antivirus
Threat.4786018
12.50%

Sophos
Install Core Click run software
12.50%

Comodo Security
Application.Win32.InstallCore.MZIV
12.50%

AVG
Generic
12.50%

Malwarebytes
PUP.Optional.InstallCore.A
6.25%

Avira AntiVirus
Adware/InstallCore.MUP
6.25%

G Data
Win32.Application.InstallCore
6.25%

herdProtect (fuzzy)
a variant of 032716ba566832595d24a005a94b2f1926851e6f
6.25%

K7 AntiVirus
Trojan
6.25%

The domain cdn.premiumapplicationsdownloads.com has been seen to resolve to the following 4 IP addresses.

185.53.177.13
July 13, 2016

54.72.9.51
ec2-54-72-9-51.eu-west-1.compute.amazonaws.com
May 18, 2016

103.224.182.241
lb-182-241.above.com
February 26, 2016

50.112.100.135
ec2-50-112-100-135.us-west-2.compute.amazonaws.com
June 20, 2014

File downloads found at URLs served by cdn.premiumapplicationsdownloads.com.

1 / 68      (Adware)
http://cdn.premiumapplicationsdownloads.com/?ic_user_id=344  (downloadmanagersetup.exe)

1 / 68      (Adware)
http://cdn.premiumapplicationsdownloads.com/?ic_user_id=344  (downloadmanagersetup.exe)

1 / 68      (Adware)
http://cdn.premiumapplicationsdownloads.com/?ic_user_id=913  (flvplayersetup.exe)

1 / 68      (Adware)
http://cdn.premiumapplicationsdownloads.com/?ic_user_id=913  (flvplayersetup.exe)

1 / 68      (Adware)
http://cdn.premiumapplicationsdownloads.com/?ic_user_id=913  (FlvPlayerSetup.exe)

1 / 68      (Adware)
http://cdn.premiumapplicationsdownloads.com/?ic_user_id=344  (fileextractorsetup.exe)

1 / 68      (Adware)
http://cdn.premiumapplicationsdownloads.com/?ic_user_id=344  (downloadmanagersetup.exe)

1 / 68      (Adware)
http://cdn.premiumapplicationsdownloads.com/?ic_user_id=344  (flvplayersetup.exe)

1 / 68      (Adware)
http://cdn.premiumapplicationsdownloads.com/?ic_user_id=344  (downloadmanagersetup.exe)

1 / 68      (Adware)
http://cdn.premiumapplicationsdownloads.com/?ic_user_id=913  (downloadmanagersetup.exe)

1 / 68      (Adware)
http://cdn.premiumapplicationsdownloads.com/?ic_user_id=344  (fileextractorsetup.exe)

1 / 68      (Adware)
http://cdn.premiumapplicationsdownloads.com/?ic_user_id=344  (flvplayersetup.exe)

1 / 68      (Adware)
http://cdn.premiumapplicationsdownloads.com/?ic_user_id=344  (videoconvertersetup.exe)

1 / 68      (Adware)
http://cdn.premiumapplicationsdownloads.com/?ic_user_id=344  (flvplayersetup.exe)

9 / 68      (Adware)
http://cdn.premiumapplicationsdownloads.com/?ic_user_id=913  (fileextractorsetup.exe)

10 / 68    (Adware)
http://cdn.premiumapplicationsdownloads.com/?ic_user_id=344  (flvplayersetup.exe)

The following 225 files have been seen to comunicate with cdn.premiumapplicationsdownloads.com in live environments.

TCP » 54.72.9.51:80
toolbarupdaterservice.exe

TCP » 54.72.9.51:80
hdnInstaller.exe (hdnInstaller)

TCP » 54.72.9.51:80
onedrvup.exe

TCP » 54.72.9.51:80
hdnInstaller.exe (hdnInstaller)

TCP » 54.72.9.51:80
247843.ftf (Optimizer Pro v3.2 by PC Utilities Software Limited)

TCP » 54.72.9.51:80
1799877.exe

TCP » 54.72.9.51:80
IEError.exe (IEError)

TCP » 54.72.9.51:80
install_flashplayer14x32_x64md_aaa_aih.exe (bon joueur)

TCP » 54.72.9.51:80
optimizerproinstaller.exe (Optimizer Pro v3.2 by PCUtilities Software Limited)

TCP » 54.72.9.51:80
charles.exe (by Apple)

TCP » 54.72.9.51:80
onedrv.exe

TCP » 54.72.9.51:80
IEError.exe (IEError)

TCP » 54.72.9.51:80
updater27793.exe (CouponDropDown Plugin by Innovative Apps)

TCP » 54.72.9.51:80
install_flashplayer16x33_masp_aaa_aih.exe (by Apple)

TCP » 54.72.9.51:80
toolbarupdaterservice.exe

TCP » 54.72.9.51:80
hdnInstaller.exe (hdnInstaller)

TCP » 54.72.9.51:80
g.jpg

TCP » 54.72.9.51:80
smlb.jpg

TCP » 54.72.9.51:80
smlb.jpg

TCP » 54.72.9.51:80
hqghumeaylnlf.exe (Optimizer Pro v3.2 by PC Utilities Software Limited)

 
Latest 20 of 231 files

URL:
http://cdn.premiumapplicationsdownloads.com/

Title:
“premiumapplicationsdownloads.com”

Web server:
Apache (PHP/5.4.45-0+deb7u2)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.