dl.revenyou.com

OutBrowse

Domain Information

The domain dl.revenyou.com, registered by OutBrowse, was first registered in October 2012 through GODADDY.COM, LLC. The hosting servers are located in Sherman Oaks, California, United States, on the Unitas Global LLC network.

Registrar: GODADDY.COM, LLC

Server location: California, United States (US)

Create date: Friday, October 5, 2012

Expires date: Saturday, October 5, 2019

Updated date: Tuesday, June 16, 2015

ASN: AS4436 AS-NLAYER - nLayer Communications, Inc.

Root domain:

Google Safe Browsing: unwanted

| Scan engine | Details | Detections |
| --- | --- | --- |
| Trend Micro House Call | TROJ_GEN.F47V0502, TROJ_GEN.F47V0429, TROJ_GEN.F47V0712, TROJ_GEN.F47V0330, TROJ_GEN.F47V0411, Suspicious_GEN.F47V1024, Suspicious_GEN.F47V0708 | 38.89% |
| Rising Antivirus | PE:Trojan.Zbot!6.103C, PE:Malware.AntiWare!1.5593, PE:Malware.Obscure/Heur!1.9E03 | 16.67% |
| ESET NOD32 | Win32/OpenCandy, Win32/Bundled.Toolbar.Ask (variant), Win32/SoftonicDownloader (variant) | 16.67% |
| VIPRE Antivirus | Amonetize, Trojan.Win32.Generic, Softonic Downloader | 16.67% |
| Bkav FE | W32.HfsOval, HW32.CDB | 16.67% |
| Reason Heuristics | PUP.OpenCandy.Installer (L), Bundler.PPI.Softonic.J | 11.11% |
| Emsisoft Anti-Malware | Gen:Variant.Graftor.66610, Gen:Heur.MSIL.Krypt.85 | 11.11% |
| Malwarebytes | Spyware.Password, PUP.Optional.Softonic | 11.11% |
| K7 AntiVirus | Trojan, Unwanted-Program | 11.11% |
| Agnitum Outpost | Trojan.DR.Agent, PUA.Softonic | 11.11% |
| Qihoo 360 Security | Win32/Trojan.fe7, HEUR/Malware.QVM06.Gen | 11.11% |
| Clam AntiVirus | Win.Malware.Agent3850084642/CRDF-1 | 5.56% |
| Vba32 AntiVirus | Hoax.Blocker | 5.56% |
| avast! | NSIS:Downloader-AAJ [PUP] | 5.56% |
| ESET NOD32 | Win32/Toolbar.Babylon.AC potentially unwanted application | 5.56% |

The domain dl.revenyou.com has been seen to resolve to the following IP address.

224-124-232-198.static.unitasglobal.net
January 5, 2016

File downloads found at URLs served by dl.revenyou.com.

0 / 68
http://dl.revenyou.com/Files//Setup_product_2049.exe (23d2d38049edc5d76e56b1ac0938362e)

1 / 68
http://dl.revenyou.com/Files//Setup_product_8839.exe (game downloader 3.9 setup.exe)

3 / 68 (PUP)

1 / 68

0 / 68
http://dl.revenyou.com/Files//Setup_product_8097.exe (4335a4a03405a62c02f2b1282f35b25a)

0 / 68

17 / 68 (Malware)

0 / 68
http://dl.revenyou.com/Files//Setup_product_2996.exe (e2cebedd027a2295a8b334ee4443324f)

10 / 68 (PUP)

2 / 68 (inconclusive)
http://dl.revenyou.com/Files//Setup_product_10624.exe (setup-sopcast-3.2.4-2009-7-9.exe)

0 / 68
http://dl.revenyou.com/Files//Setup_product_2834.exe (d5d3fd74922a2b00522a8d2db12ebe63)

Latest 30 of 151 download URLs

The following 25 files have been seen to communicate with dl.revenyou.com in live environments.

Latest 20 of 27 files

URL: http://dl.revenyou.com/

Web server: NetDNA-cache/2.2 (ASP.NET)