dl.filestodown.com

Corp New Ventures Services

Domain Information

The domain dl.filestodown.com, registered by Corp New Ventures Services, was initially registered in October of 2015 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are located in Cambridge, Massachusetts, United States, on the Akamai Technologies, Inc. network.

Registrar:
LINE DRIVE DOMAINS, LLC

Server location:
Massachusetts, United States (US)

Create date:
Thursday, October 22, 2015

Expires date:
Saturday, October 22, 2016

Updated date:
Thursday, October 29, 2015

ASN:
AS20940 AKAMAI-ASN1 Akamai International B.V.,US

Root domain:

Scanner detections:
Detections (94% detected)

Scan engine | Details | Detections

Reason Heuristics
PUP.Installer.EilioDevelopmentssl.N, PUP.Installer.EilioDevelopmentssl.L, PUP.Installer.EilioDevelopmentssl.K, Threat.Win.Reputation.IMP, PUP.EilioDevelopmentssl.K, PUP.EilioDevelopmentssl.M, PUP.Solimba.EilioDevelopmentssl.Installer (M), PUP.Solimba.Installer, PUP.Solimba.EilioDev.Installer (M), PUP.Solimba (M)
100.00%

VIPRE Antivirus
Threat.4782980, DownloadMR, Threat.4150696
41.18%

Dr.Web
Trojan.DownLoader11.24441
41.18%

ESET NOD32
MSIL/Solimba.AH potentially unwanted application
41.18%

Kaspersky
not-a-virus:Downloader.Win32.Morstar
41.18%

MicroWorld eScan
Gen:Variant.Application.Bundler.Kazy.132995, Application.Bundler.Firseria.M, Gen:Variant.Strictor.65704
41.18%

Malwarebytes
PUP.Optional.Solimba, .PUP.Optional.Solimba, PUP.Optional.Firseria
41.18%

K7 AntiVirus
Unwanted-Program
41.18%

NANO AntiVirus
Trojan.Win32.Morstar.deknwg, Trojan.Win32.Morstar.derahk, Trojan.Win32.DownLoader11.ddphbo, Trojan.Win32.Morstar.delfle
41.18%

Bitdefender
Gen:Variant.Application.Bundler.Kazy.132995, Application.Bundler.Firseria.M, Gen:Variant.Strictor.65704
41.18%

Sophos
PUA.Solimba Installer, PUA 'Solimba Installer'
41.18%

Avira AntiVirus
APPL/Firseria.Gen8
41.18%

G Data
Gen:Variant.Application.Bundler.Kazy.132995, Application.Bundler.Firseria, Gen:Variant.Strictor.65704
41.18%

Vba32 AntiVirus
Downware.Morstar
41.18%

AVG
Generic, Adware BundleApp_r, Adware BundleApp.IA
41.18%

The domain dl.filestodown.com has been seen to resolve to the following 11 IP addresses.


File downloads found at URLs served by dl.filestodown.com.


The following 139 files have been seen to communicate with dl.filestodown.com in live environments.

URL:
http://dl.filestodown.com/

Web server:
Apache