home

dl.exfilesdelivery.com

Whois Privacy Shield Services

Domain Information

The domain dl.exfilesdelivery.com registered by Whois Privacy Shield Services was initially registered in November of 2014 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Cambridge, Massachusetts within the United States which resides on the Akamai Technologies, Inc. network.
Registrar:
WILLIAM THE CONQUEROR, LLC

Server location:
Massachusetts, United States (US)

Create date:
Friday, November 21, 2014

Expires date:
Monday, November 21, 2016

Updated date:
Thursday, December 3, 2015

ASN:
AS20940 AKAMAI-ASN1 Akamai International B.V.

Root domain:
exfilesdelivery.com

Whois:
3 exfilesdelivery.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.BechiroSL.W, PUP.Installer.BechiroSL.E, PUP.Installer.BechiroSL.BB, PUP.Installer.BechiroSL.I, PUP.Installer.BechiroSL.O, PUP.Installer.BechiroSL.U, PUP.Installer.BechiroSL.Q, PUP.Installer.BechiroSL.P, PUP.Installer.Solimba, PUP.Solimba.FIRSERIA.Bundler (M)
100.00%

Comodo Security
Application.Win32.Firseria.AFGH, Application.Win32.Firseria.MAP
64.71%

Agnitum Outpost
PUA.Solimba, PUA.Firseria
64.71%

Avira AntiVirus
APPL/Firseria.Gen8, APPL/FirseriaS.A.1
64.71%

Kaspersky
not-a-virus:AdWare.Win32.Fiseria
64.71%

K7 AntiVirus
Unwanted-Program
64.71%

Sophos
Solimba Installer, PUA 'Solimba Installer'
64.71%

VIPRE Antivirus
Threat.4782980
58.82%

Dr.Web
Trojan.DownLoader11.25003, Trojan.MulDrop5.34677
58.82%

Vba32 AntiVirus
Downware.Morstar
58.82%

AVG
Generic, Adware BundleApp.GN, Adware BundleApp.GW
58.82%

Panda Antivirus
Adware/Firseria
58.82%

MicroWorld eScan
Application.Generic.692267, Gen:Variant.Application.Bundler.Kazy.132995
52.94%

IKARUS anti.virus
AdWare.BundleApp, PUA.MSIL.Solimba
52.94%

NANO AntiVirus
Trojan.Win32.MulDrop5.dcygsx, Riskware.Win32.Fiseria.ddrbqo
47.06%

The domain dl.exfilesdelivery.com has been seen to resolve to the following 8 IP addresses.

185.53.179.9
February 26, 2016

185.53.179.7
December 1, 2014

23.0.160.74
a23-0-160-74.deploy.static.akamaitechnologies.com
September 5, 2014

23.0.160.33
a23-0-160-33.deploy.static.akamaitechnologies.com
September 5, 2014

184.51.126.49
a184-51-126-49.deploy.static.akamaitechnologies.com
September 2, 2014

184.51.126.10
a184-51-126-10.deploy.static.akamaitechnologies.com
September 2, 2014

23.67.243.43
a23-67-243-43.deploy.static.akamaitechnologies.com
August 13, 2014

23.67.243.42
August 13, 2014

File downloads found at URLs served by dl.exfilesdelivery.com.

1 / 68      (Adware)
http://dl.exfilesdelivery.com/n/.../Movavi Video Suite.exe  (d68cf3fa6ca5120a0e209a2c344417ed)

1 / 68      (Adware)
http://dl.exfilesdelivery.com/n/.../Movavi Video Suite.exe  (863ccd08073691a2f95fe8c7d05938fc)

1 / 68      (Adware)
http://dl.exfilesdelivery.com/n/.../AVG AntiVirus Free 2014.exe  (368cf75e0fc2376d3d2b1297cd7ffacd)

1 / 68      (Adware)
http://dl.exfilesdelivery.com/n/.../Google Chrome.exe  (2d4c70307eec44cea95eb754c0663272)

1 / 68      (Adware)
http://dl.exfilesdelivery.com/n/.../TeamViewer.exe  (c348cf0311ddfc7cd8b4f92dae60a252)

1 / 68      (Adware)
http://dl.exfilesdelivery.com/n/.../Internet Download Manager.exe  (aa220ac4a9e1d58d4dd679b84f25fe51)

1 / 68      (Adware)
http://dl.exfilesdelivery.com/n/.../PhotoScape.exe  (be385d6023aaed0f6ea4013a7ebd5977)

32 / 68    (Adware)
http://dl.exfilesdelivery.com/n/3.1.20/.../Microsoft Excel.exe  (d0cecf154ab87580efc17f8f16229254)

33 / 68    (Adware)
http://dl.exfilesdelivery.com/n/3.1.20/.../Windows Media Player.exe  (2129c2ebc5e1358c6fdd2fd614df3c1a)

28 / 68    (Adware)
http://dl.exfilesdelivery.com/n/3.1.22.3/.../i-FunBox.exe  (a32dcc4ed9d8ea0af03f5f8f6d5f6cb7)

28 / 68    (Adware)
http://dl.exfilesdelivery.com/n/3.1.22.3/.../PowerDVD.exe  (4b104dedf743f26e7322cfc4ed433b31)

31 / 68    (Adware)
http://dl.exfilesdelivery.com/n/3.1.20/.../Angry Birds Huge.exe  (42565af2b1899bbcca34ed6f1ccffa9b)

27 / 68    (Adware)
http://dl.exfilesdelivery.com/n/3.1.22.3/.../Microsoft PowerPoint.exe  (70a15aa76dda329083459ebb24af2074)

28 / 68    (Adware)
http://dl.exfilesdelivery.com/n/3.1.22.3/.../Microsoft Word.exe  (cfe4330377a741d511abc06c1dd554a2)

14 / 68    (Adware)
http://dl.exfilesdelivery.com/n/3.1.22.3/.../Windows 7 Home Premium.exe  (4701111ff26e96fa519d8372cc62b791)

39 / 68    (Adware)
http://dl.exfilesdelivery.com/n/3.1.20/.../Logitech Touch Mouse Server.exe  (87914b1e4dc0d90ad80f7136aa1a7be2)

14 / 68    (Adware)
http://dl.exfilesdelivery.com/n/3.1.22.3/.../Java.exe  (d700410fa5a1c5a122c9a58eac0e1de7)

The following 129 files have been seen to comunicate with dl.exfilesdelivery.com in live environments.

TCP » 184.51.126.10:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.49:80
updateadmin.exe

TCP » 184.51.126.49:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.10:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.49:80
UCBrowser.exe (by UCWeb)

TCP » 184.51.126.10:80
cpx.exe (Google Embedded Application)

TCP » 184.51.126.10:80
geniecleaner.exe (Genie Cleaner by Oppoos.com)

TCP » 184.51.126.49:80
browser.exe (Browser)

TCP » 184.51.126.10:80
PastaLeadsService.exe (PastaLeadsService)

TCP » 184.51.126.10:80
ciabbpemapmebndipcheflncoinigapj.crx

TCP » 184.51.126.10:80
becofaobcinoilkmebdbeojebncfepbl.crx

TCP » 184.51.126.10:80
becofaobcinoilkmebdbeojebncfepbl.crx

TCP » 184.51.126.10:80
adajgcbbckplhjnmbjfebijnbmbenonc.crx

TCP » 184.51.126.10:80
nokalcjbbdlpmlbhbpjhfpdggbieahfo.crx

TCP » 184.51.126.10:80
TBNotifier.exe (Ask TBNotifier by APN)

TCP » 184.51.126.10:80
frameworkengine.exe (Framework)

TCP » 184.51.126.49:443
tofai.exe (Maskiseft Visaal Studio 2010 by Maskiseft Corporatien)

TCP » 184.51.126.49:80
kelheppgiophoagmlfhpkfkojeafleaa.crx

TCP » 184.51.126.49:80
kelheppgiophoagmlfhpkfkojeafleaa.crx

TCP » 184.51.126.49:80
plkbbbidibjhgcplclokadllebnkaled.crx

 
Latest 20 of 135 files

URL:
http://dl.exfilesdelivery.com/

Google Analytics:
UA-48689684

Title:
“exfilesdelivery.com”

Web server:
nginx

1337xproxy.in

1clickdownloader.com

1dschool.com

1flymusic.com

1freesoftwareonline.com

215115638.com

360adstrack.com

4god.biz

4shared.net

55tjk.com

acidco.net

adexprt.me

adjalauto.com

adsclever.com

adsobject.com

adsservingowl.biz

adtrkx.com

africa-2010.com

agamefix.com

aiprosoft.com

alawar.it

all-baza.com

alwayswindcat.com

aminst.net

angelijah.com

angelijah.net

antivirus-gratuit.pro

anyras.com

app-mak.com

appapia.com

30 of 618 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.