dl.appzona.org

Privacy protection service - whoisproxy.ru

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The servers hosting it are located in Pokrovka, Primor'Ye, Russia, on the RIPE Network Coordination Centre network.

Registrar:
Regional Network Information Center, JSC dba RU-CENTER

Server location:
Primor'Ye, Russia (RU)

ASN:
AS42244 ESERVER Hosting Operator eServer.ru Ltd.,RU

Root domain:

Scanner detections (100% detected):

Scan engine: Reason Heuristics
Details: PUP.Zona.Chetvertoepokolenie.Installer.Meta (L), PUP.Zona.Chetvertoepokolenie.Installer.Meta (M), PUP.Zona.Chetvert.Installer.Meta (M)
Detections: 100.00%

Scan engine: Dr.Web
Details: Program.Zona.80, riskware program Program.Zona.80, riskware program Program.Zona.81
Detections: 40.00%

Scan engine: Rising Antivirus
Details: PE:Malware.RDM.08!5.E[F1]
Detections: 6.67%

Scan engine: Qihoo 360 Security
Details: HEUR/QVM10.1.Malware.Gen
Detections: 6.67%

The domain dl.appzona.org has been seen to resolve to the following IP address.

hosted-by.ihc.ru
December 4, 2015

File downloads found at URLs served by dl.appzona.org.

2 / 68      (PUP)
https://dl.appzona.org/.../prazdnik_vzaperti[N5Ea].exe  (12_mesyatsev._novaya_skazka[yzh0].exe)

1 / 68      (PUP)

1 / 68      (PUP)

2 / 68      (Malware)
https://dl.appzona.org/ZonaSetup[8LZt].exe  (e37c7fa7e0221539330b3b0bbb16bf15)

1 / 68      (PUP)

1 / 68      (PUP)
https://dl.appzona.org/ZonaSetup.exe  (zonasetup[m030].exe)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

2 / 68      (PUP)

3 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

2 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)
https://dl.appzona.org/ZonaSetup[Azxc].exe  (e12ff339a2405c6798c67da9edd7cc24)

2 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

 
Latest 30 of 65 download URLs

URL:
http://dl.appzona.org/

SSL certificate subject:
CN=dl.appzona.org, OU=PositiveSSL, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
nginx/1.8.0