The domain dl.filestodown.com, registered by Corp New Ventures Services, was initially registered in October of 2015 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Cambridge, Massachusetts, United States, on the Akamai Technologies, Inc. network.
Registrant: Corp New Ventures Services
Registrar: LINE DRIVE DOMAINS, LLC
Server location: Massachusetts, United States (US)
Create date: Thursday, October 22, 2015
Expires date: Saturday, October 22, 2016
Updated date: Thursday, October 29, 2015
ASN: AS20940 AKAMAI-ASN1 Akamai International B.V.,US
Scanner detections:
Detections (94% detected)

Scan engine | Details | Detections
Reason Heuristics | PUP.Installer.EilioDevelopmentssl.N, PUP.Installer.EilioDevelopmentssl.L, PUP.Installer.EilioDevelopmentssl.K, Threat.Win.Reputation.IMP, PUP.EilioDevelopmentssl.K, PUP.EilioDevelopmentssl.M, PUP.Solimba.EilioDevelopmentssl.Installer (M), PUP.Solimba.Installer, PUP.Solimba.EilioDev.Installer (M), PUP.Solimba (M) | 100.00%
VIPRE Antivirus | Threat.4782980, DownloadMR, Threat.4150696 | 41.18%
Dr.Web | Trojan.DownLoader11.24441 | 41.18%
ESET NOD32 | MSIL/Solimba.AH potentially unwanted application | 41.18%
Kaspersky | not-a-virus:Downloader.Win32.Morstar | 41.18%
MicroWorld eScan | Gen:Variant.Application.Bundler.Kazy.132995, Application.Bundler.Firseria.M, Gen:Variant.Strictor.65704 | 41.18%
Malwarebytes | PUP.Optional.Solimba, .PUP.Optional.Solimba, PUP.Optional.Firseria | 41.18%
K7 AntiVirus | Unwanted-Program | 41.18%
NANO AntiVirus | Trojan.Win32.Morstar.deknwg, Trojan.Win32.Morstar.derahk, Trojan.Win32.DownLoader11.ddphbo, Trojan.Win32.Morstar.delfle | 41.18%
Bitdefender | Gen:Variant.Application.Bundler.Kazy.132995, Application.Bundler.Firseria.M, Gen:Variant.Strictor.65704 | 41.18%
Sophos | PUA.Solimba Installer, PUA 'Solimba Installer' | 41.18%
Avira AntiVirus | APPL/Firseria.Gen8 | 41.18%
G Data | Gen:Variant.Application.Bundler.Kazy.132995, Application.Bundler.Firseria, Gen:Variant.Strictor.65704 | 41.18%
Vba32 AntiVirus | Downware.Morstar | 41.18%
AVG | Generic, Adware BundleApp_r, Adware BundleApp.IA | 41.18%
The domain dl.filestodown.com has been seen to resolve to the following 11 IP addresses.
File downloads found at URLs served by dl.filestodown.com.
The following 139 files have been seen to communicate with dl.filestodown.com in live environments.
URL: http://dl.filestodown.com/