home

dl.downloadbestfile.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain dl.downloadbestfile.com is registered by proxy through GODADDY.COM, LLC and was originally registered in September of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Belfast, Northern Ireland within United Kingdom which resides on the RIPE Network Coordination Centre network.
Registrar:
GODADDY.COM, LLC

Server location:
Northern Ireland, United Kingdom (GB)

Create date:
Tuesday, September 2, 2014

Expires date:
Wednesday, September 2, 2015

Updated date:
Tuesday, September 2, 2014

Root domain:
downloadbestfile.com

Whois:
1 downloadbestfile.com record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.PopelerSystemsl.L, PUP.Installer.PopelerSystemsl.I, PUP.Installer.PopelerSystemsl.V, PUP.Solimba.PopelerSystemsl.Installer (M), PUP.Solimba.EilioDevelopmentssl (M), PUP.Solimba.PopelerS.Installer (M), PUP.Solimba (M)
100.00%

NANO AntiVirus
Trojan.Win32.Morstar.delxop
31.25%

F-Secure
Gen:Variant.Application.Bundler
31.25%

G Data
Gen:Variant.Application.Bundler.Kazy.132995
31.25%

Vba32 AntiVirus
Downware.Morstar
31.25%

Panda Antivirus
Trj/Genetic.gen
31.25%

IKARUS anti.virus
AdWare.BundleApp
31.25%

AVG
Generic, Adware BundleApp.HA
31.25%

SUPERAntiSpyware
PUP.Morstar/Variant
31.25%

Agnitum Outpost
PUA.Downloader
31.25%

VIPRE Antivirus
Threat.4782980
25.00%

Dr.Web
Trojan.DownLoader11.24441
25.00%

Emsisoft Anti-Malware
Gen:Variant.Application.Bundler.Kazy.132995
25.00%

Kaspersky
not-a-virus:Downloader.Win32.Morstar
25.00%

ESET NOD32
MSIL/Solimba.AH potentially unwanted application
25.00%

The domain dl.downloadbestfile.com has been seen to resolve to the following 5 IP addresses.

92.242.140.21
unallocated.barefruit.co.uk
March 11, 2016

23.62.236.59
a23-62-236-59.deploy.static.akamaitechnologies.com
May 5, 2015

23.62.236.33
a23-62-236-33.deploy.static.akamaitechnologies.com
May 5, 2015

184.29.106.123
a184-29-106-123.deploy.static.akamaitechnologies.com
September 11, 2014

184.29.106.128
a184-29-106-128.deploy.static.akamaitechnologies.com
September 11, 2014

File downloads found at URLs served by dl.downloadbestfile.com.

1 / 68      (Adware)
http://dl.downloadbestfile.com/n/3.1.22.17.1/.../Windows Media Player.exe  (cd5c400c08b699bd00c47259afcb2185)

1 / 68      (Adware)
http://dl.downloadbestfile.com/n/3.1.22.17.1/.../WinRAR.exe  (6af0ed2d3fb151d905a27f7198636b1e)

1 / 68      (Adware)
http://dl.downloadbestfile.com/n/3.1.22.17.1/.../PhotoScape.exe  (927b0b60d0a5e65c043501a5f004ef83)

1 / 68      (Adware)
http://dl.downloadbestfile.com/n/3.1.22.17.1/.../Minecraft.exe  (e27502c1fe540dd49dd37e9cccc1a1cb)

1 / 68      (Adware)
http://dl.downloadbestfile.com/n/3.1.22.17.1/.../Ares Galaxy.exe  (499fb197207794daea32b04b1e5a4644)

1 / 68      (Adware)
http://dl.downloadbestfile.com/n/3.1.22.17.1/.../Mkvmerge.exe  (917431ba9abd993f9ab999b5d009ee1b)

1 / 68      (Adware)
http://dl.downloadbestfile.com/n/3.1.22.17.1/.../Free Video to Tablet PC Converter.exe  (b134e8733cd30b17686422e50210c32d)

1 / 68      (Adware)
http://dl.downloadbestfile.com/n/3.1.22.17.1/.../WinRAR 5.00.exe  (053f6e2ec2142f54226d5c8457a15b10)

1 / 68      (Adware)
http://dl.downloadbestfile.com/n/3.1.22.17.1/.../Point Blank.exe  (db9a5bd9b2acb89b8261ba11753782e7)

1 / 68      (Adware)
http://dl.downloadbestfile.com/n/3.1.22.17.1/.../ManyCam Virtual Webcam.exe  (9bcf576cd53f1a0fb445fbb3da7a3b15)

1 / 68      (Adware)
http://dl.downloadbestfile.com/n/3.1.22.17.1/.../AMCap.exe  (04edca6683e65bfa31b6caf3249d6cf6)

1 / 68      (Adware)
http://dl.downloadbestfile.com/n/3.1.22.17.1/.../Kurupira WebFilter Free.exe  (8a39205af7b9da1c6962eaf75c4bac61)

33 / 68    (Adware)
http://dl.downloadbestfile.com/n/3.1.22.17.1/.../uTorrent.exe  (9e5ac54b30ee322ec8d8a5b9977456bc)

31 / 68    (Adware)
http://dl.downloadbestfile.com/n/3.1.22.17.1/.../Ares Galaxy.exe  (20eb08e3e94551324583a3159a815174)

28 / 68    (Adware)
http://dl.downloadbestfile.com/n/3.1.22.17.1/.../Avast! Free Antivirus.exe  (8f6dc845e2c29d564c52451012d86d0f)

24 / 68    (Adware)
http://dl.downloadbestfile.com/n/3.1.22.17.1/.../herdProtect.exe  (d0563d65a5e2c7b1b85783ac61321a34)

The following 260 files have been seen to comunicate with dl.downloadbestfile.com in live environments.

TCP » 92.242.140.21:80
smelled.exe (Smelled)

TCP » 92.242.140.21:443
dca-monitoring.exe (Compete DCA Monitoring Tool by Compete)

TCP » 92.242.140.21:80
marini.exe (Marini)

TCP » 184.29.106.123:443
new_chrome.exe (1stBrowser by The 1stBrowser Authors)

TCP » 184.29.106.123:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.29.106.123:80
browser.exe (Browser)

TCP » 92.242.140.21:443
client.exe (ClientWrapper)

TCP » 92.242.140.21:80
thebrowser.exe (TheBrowser by Goobzo)

TCP » 92.242.140.21:443
dca-monitoring.exe (Compete DCA Monitoring Tool by Compete)

TCP » 92.242.140.21:443
WindowService.exe (WindowService)

TCP » 92.242.140.21:443
ciuninstall.exe

TCP » 92.242.140.21:1866
jutched.exe

TCP » 92.242.140.21:443
dca-monitoring.exe (Compete DCA Monitoring Tool by Compete)

TCP » 92.242.140.21:80
masterupdater.exe

TCP » 184.29.106.123:80
iaofmdncmakgfhhlkpeohbidhaiedblo.crx

TCP » 184.29.106.123:80
mngefcpkmmnbjempjcmaciklkifcaeea.crx

TCP » 184.29.106.123:80
gfekephmhkjdcfheiepehnlnfkgoipik.crx

TCP » 184.29.106.123:80
epaphgdmipnghjhhebklgdchejelobkg.crx

TCP » 184.29.106.123:80
epaphgdmipnghjhhebklgdchejelobkg.crx

TCP » 184.29.106.123:80
lfchnmkfkdnbfjpfgpnoanodpnnkgdpc.crx

 
Latest 20 of 261 files

URL:
http://dl.downloadbestfile.com/

Web server:
nginx

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.