home

dl.1download.io

Domain Information

Server location:
New York, United States (US)

ASN:
AS393406 DIGITALOCEAN-ASN-NY3 - Digital Ocean, Inc.,US

Root domain:
1download.io

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Bundler.Vittalia, PUP.Air Software.Bundler, PUP.Vittalia.Bundler, PUP.Air Software.DownloadAssistant.Bundler (M), PUP.Vittalia.InstallHelper.Installer (M), PUP.Vittalia.InstallH.Installer (M), PUP.Air Software (M)
100.00%

Dr.Web
Trojan.Vittalia.13, Trojan.Vittalia.17, Trojan.Vittalia.30, Trojan.Vittalia.76
55.56%

ESET NOD32
Win32/DownloadAssistant.A potentially unwanted application, Win32/DownloadAssistant.B potentially unwanted application
55.56%

AVG
Generic
55.56%

avast!
Win32:Dropper-gen [Drp], Win32:Adware-CKN [PUP], Win32:Adware-CKC [PUP]
44.44%

NANO AntiVirus
Trojan.Win32.DownLoader12.dncixg, Trojan.Win32.Vittalia.dqfrig, Trojan.Win32.Vittalia.dowmzz
44.44%

Comodo Security
Packed.Win32.MUPX.Gen, Application.Win32.DownloadAssistant.S
44.44%

Avira AntiVirus
TR/Crypt.XPACK.Gen7
44.44%

Rising Antivirus
PE:Malware.XPACK-HIE/Heur!1.9C48
44.44%

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.AirInstaller.5
33.33%

VIPRE Antivirus
Threat.4782985, AirInstaller
33.33%

F-Secure
Riskware.Gen:Variant.Application.Bundler
33.33%

Emsisoft Anti-Malware
Gen:Variant.Application.Bundler.AirInstaller
33.33%

Bkav FE
W32.HfsAdware
33.33%

MicroWorld eScan
Gen:Variant.Application.Bundler.AirInstaller.5
33.33%

The domain dl.1download.io has been seen to resolve to the following 2 IP addresses.

159.203.107.180
fd-03-do-e-ny-3.gtdlrfwd.com
November 18, 2015

104.131.2.201
useast.gtdlrfwd.com
May 5, 2015

File downloads found at URLs served by dl.1download.io.

1 / 68      (Adware)
http://dl.1download.io/v2/click/n6bvia8n/?d=http://files.1download.io/appsv1/apps_storage/jre-8u31-windows-x64.exe&key=4ce33600e3dc7e11a796eec2e94c4a9c10fe83ab252dd3a8a2fd36fec71ac28a&sid=java-64&uid=&affiliate_image=http://files.1download.io/appsv1/v1.0/airlogo_a_java.png&product_image=http://files.1download.io/appsv1/v1.0/airlogo_b_java.png&n=Java 8.31 (64-bit)&filename=setup_java_64bit&done_url=http://www.1download.io/.../thankyou.html&cancel_url=http://www.1download.io/.../thankyou.html  (setup_java_64bit.exe)

1 / 68      (Adware)
http://dl.1download.io/v2/click/858a5f02/?d=http://files.1download.io/appsv1/apps_storage/internetdownloadman621build15.exe&key=3ac82192684104d64a0d72b6854b2e77673fd398ac5cd28342e783e14a2f2a3c&sid=IDM&uid=&affiliate_image=http://files.1download.io/appsv1/v1.0/airlogo_a_internet_download_manager.png&product_image=http://files.1download.io/appsv1/v1.0/airlogo_b_internet_download_manager.png&n=Internet Download Manager&filename=setup_internet_download_manager&done_url=http://www.1download.io/.../thankyou.html&cancel_url=http://www.1download.io/.../thankyou.html  (setup_internet_download_manager.exe)

1 / 68      (Adware)
http://dl.1download.io/v2/click/n6bvia8n/?affiliate_image=http://files.1download.io/.../airlogo_a_adw_cleaner.png&cancel_url=http://www.1download.io/v1b/thankyou.html&d=http://files.1download.io/appsv1/apps_storage/AdwCleaner_4.112.exe&done_url=http://www.1download.io/v1b/thankyou.html&filename=setup_adw_cleaner&key=f01659740ac04528948e53ace72553c6b0359a7157fd0aaec1dbea7bcef3eb02&n=ADW Cleaner 4.112&product_image=http://files.1download.io/.../airlogo_b_adw_cleaner.png&sid=AdwCleaner.US_8565044991_s0_v4.0_us_adwcleaner_e_adwcleaner_0_none&uid=8d5a9623-bfac-7e08-2e79-4dfdc4d2e750&uao=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgNi4xKSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMzguMC4yMTI1LjEwNCBTYWZhcmkvNTM3LjM2  (setup_adw_cleaner.exe)

1 / 68      (Adware)
http://dl.1download.io/v2/click/n6bvia8n/?affiliate_image=http://files.1download.io/.../airlogo_a_adobe_reader.png&cancel_url=http://www.1download.io/v1b/thankyou.html&d=http://files.1download.io/appsv1/apps_storage/AdbeRdr11010_en_US.exe&done_url=http://www.1download.io/v1b/thankyou.html&filename=setup_adobe_reader&key=e8f95cf18c7e74c79fd62d631a3cedd28f8c3886ee683efe97336c590430d91a&n=Adobe Reader&product_image=http://files.1download.io/.../airlogo_b_adobe_reader.png&sid=Adobe Reader.US_7590578634_s0_v1.04b_us_adobe pdf free download_e_adobe pdf free download_0_none_b_us&uid=2a5b3f8b-5b61-db29-7ac1-c139be4347f2_Adobe Reader.US_7590578634_s0_v1.04b_us_adobe pdf free download_e_adobe pdf free download_0_none_b_us&uao=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgNi4xOyBXT1c2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzQzLjAuMjM1Ny4xMjQgU2FmYXJpLzUzNy4zNg__  (setup_adobe_reader.exe)

25 / 68    (Adware)
http://dl.1download.io/v2/click/858a5f02/?d=http://files.1download.io/appsv1/apps_storage/Apache_OpenOffice_4.1.1_Win_x86_install_en-US.exe&key=5c71fb419528e433f693a8165a96d72ef4247493e9648f482790b62ae50b2696&sid=open-office&uid=1973920946.1424956099&affiliate_image=http://files.1download.io/appsv1/v1.0/airlogo_a_open_office.png&product_image=http://files.1download.io/appsv1/v1.0/airlogo_b_open_office.png&n=Open Office&filename=setup_open_office&done_url=http://www.1download.io/.../thankyou.html&cancel_url=http://www.1download.io/.../thankyou.html  (setup_open_office.exe)

21 / 68    (Adware)
http://dl.1download.io/v2/click/n6bvia8n/?d=http://files.1download.io/appsv1/apps_storage/Shockwave_Installer_Slim.exe&key=c9c65f6b30af8fe7c613e80091d33566fa0730654e832ecf8b66dd64c60d6217&sid=Shockwave Player.US_8558111422_s0_v4.0_us_shockwave flash object_p_"Shockwave Flash Object" Flash32_18_0_0_160.ocx_0_none_b_us&uid=e7032b16-95af-6346-6a35-528b825b4b23&affiliate_image=http://files.1download.io/v1images/airlogo_a_adobe_shockwave_player.png&product_image=http://files.1download.io/v1images/airlogo_b_adobe_shockwave_player.png&n=Adobe Shockwave Player&filename=setup_adobe_shockwave_player&done_url=http://www.1download.io/.../thankyou.html&cancel_url=http://www.1download.io/.../thankyou.html  (setup_adobe_shockwave_player.exe)

20 / 68    (Adware)
http://dl.1download.io/v2/click/n6bvia8n/?d=http://files.1download.io/appsv1/apps_storage/AdwCleaner_4.112.exe&key=f01659740ac04528948e53ace72553c6b0359a7157fd0aaec1dbea7bcef3eb02&sid=AdwCleaner.US_7590593169_s0_v1.04b_us_adwcleaner download link_e_adwcleaner download link_0_none&uid=e0f687f0-d7f3-5314-48f0-f1403b5410b3&affiliate_image=http://files.1download.io/v1images/airlogo_a_adw_cleaner.png&product_image=http://files.1download.io/v1images/airlogo_b_adw_cleaner.png&n=ADW Cleaner 4.112&filename=setup_adw_cleaner&done_url=http://www.1download.io/.../thankyou.html&cancel_url=http://www.1download.io/.../thankyou.html  (setup_adw_cleaner.exe)

9 / 68      (Adware)
http://dl.1download.io/v2/click/n6bvia8n/?d=http://files.1download.io/appsv1/apps_storage/vlc-2.2.0-rc2-win32.exe&key=176633205ab296a14d04d9a80b6f9c476c0289f3bbc3c2f9454a4b306124b299&sid=vlc&uid=805938282.1424095459&affiliate_image=http://files.1download.io/appsv1/v1.0/airlogo_a_vlc_media_player.png&product_image=http://files.1download.io/appsv1/v1.0/airlogo_b_vlc_media_player.png&n=VLC Media Player&filename=setup_vlc_media_player&done_url=http://www.1download.io/.../thankyou.html&cancel_url=http://www.1download.io/.../thankyou.html  (setup_vlc_media_player.exe)

7 / 68      (Adware)
http://dl.1download.io/v2/click/858a5f02/?d=http://files.1download.io/appsv1/apps_storage/vlc-2.2.0-rc2-win32.exe&key=176633205ab296a14d04d9a80b6f9c476c0289f3bbc3c2f9454a4b306124b299&sid=vlc&uid=1635375386.1424381660&affiliate_image=http://files.1download.io/appsv1/v1.0/airlogo_a_vlc_media_player.png&product_image=http://files.1download.io/appsv1/v1.0/airlogo_b_vlc_media_player.png&n=VLC Media Player&filename=setup_vlc_media_player&done_url=http://www.1download.io/.../thankyou.html&cancel_url=http://www.1download.io/.../thankyou.html  (setup_vlc_media_player.exe)

The following 14 files have been seen to comunicate with dl.1download.io in live environments.

TCP » 104.131.2.201:80
setup.exe (Google Chrome by Download Assistant)

TCP » 104.131.2.201:80
setup.exe (DVD Shrink by Download Publisher)

TCP » 104.131.2.201:80
setup.exe (Java Runtime by Download Assistant)

TCP » 104.131.2.201:80
setup.exe (WinZip by Download Assistant)

TCP » 104.131.2.201:80
Microsoft_Security_Essentials_Setup.exe (Microsoft Security Essentials by Download Assistant)

TCP » 104.131.2.201:80
Setup.exe (Java Runtime by Download Manager)

TCP » 104.131.2.201:80
Avast_Setup_2015.exe (Avast by Download Assistant)

TCP » 104.131.2.201:80
googlechromeupdatesetup.exe (Google Chrome by Install Helper)

TCP » 104.131.2.201:80
setup_adobe_reader.exe (Adobe Reader by Install Helper)

TCP » 104.131.2.201:80
AdobeReaderSetup-22796854.exe (Adobe Reader by Install Helper)

TCP » 104.131.2.201:80
chrome_installer.exe (Google Chrome Browser by DownloadAsst_New)

TCP » 104.131.2.201:80
microsoftsilverlightupdatesetup.exe (Microsoft Silverlight by Download Assistant)

TCP » 104.131.2.201:80
Firefox Setup.exe (Firefox by Install Assistant)

TCP » 104.131.2.201:80
malwarebytes anti-malware setup.exe (Malwarebytes Anti-Malware by Download Assistant)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.