home

dl15.afterdawn.com

AfterDawn Oy

Domain Information

The domain dl15.afterdawn.com registered by AfterDawn Oy was initially registered in March of 1999 through CSL COMPUTER SERVICE LANGENBACH GMBH D/B/A JOKER.COM. This domain has been seen distributing various forms of adware (some being very aggressive) directly or via bundled installations. The hosted servers are located in Frankfurt Am Main, Hessen within Germany which resides on the RIPE Network Coordination Centre network. The domain is associated with the publisher AfterDawn who is located in Oulu, Finland.
Registrar:
CSL COMPUTER SERVICE LANGENBACH GMBH D/B/A JOKER.COM

Server location:
Hessen, Germany (DE)

Create date:
Wednesday, March 31, 1999

Expires date:
Sunday, March 31, 2019

Updated date:
Tuesday, February 11, 2014

ASN:
AS16265 LEASEWEB LeaseWeb B.V.

Root domain:
afterdawn.com

Whois:
2 afterdawn.com records

Scanner detections:
Adware distribution

Scan engine
Details
Detections

Reason Heuristics
PUP.MusicLab.M, (M), PUP.OpenCandy.Installer (L), PUP.Bundler.YoutubeDownloaderHD.Installer.Meta (M), PUP.DigitalWave.Bundler.Installer.Meta (L), PUP.DigitalWave.Bundle.Installer.Meta (L)
66.67%

ESET NOD32
Win32/OpenCandy.C potentially unsafe (variant), Win32/OpenCandy.A potentially unsafe (variant)
25.00%

Fortinet FortiGate
Riskware/OpenCandy
25.00%

G Data
Win32.Application.Dealply, Win32.Application.OpenCandy
25.00%

Dr.Web
Adware.Toolbar.576
25.00%

Rising Antivirus
PE:Trojan.Win32.SpeedingUpMyPC.a!1075357520
25.00%

IKARUS anti.virus
PUA.FusionCore
25.00%

Trend Micro House Call
Suspicious_GEN.F47V0111, Suspicious_GEN.F47V0507
16.67%

Baidu Antivirus
Adware.Win32.Conduit, Adware.Win32.OpenCandy
16.67%

ESET NOD32
Detection.Undefined, Win32/Bundled.Toolbar.Google.D potentially unsafe application
16.67%

McAfee
Artemis!C0A66510319A
8.33%

avast!
Win32:Evo-gen [Susp]
8.33%

Clam AntiVirus
Win.Trojan.Agent-953871
8.33%

Avira AntiVirus
TR/Patched.Gen
8.33%

AVG
Generic
8.33%

The domain dl15.afterdawn.com has been seen to resolve to the following IP address.

46.165.222.193
imuri15.afterdawn.net
February 6, 2014

File downloads found at URLs served by dl15.afterdawn.com.

0 / 68
http://dl15.afterdawn.com/download/7d4f72df8d917bcb3bfd606f895344ec/57ab4ce6/.../Spotlite_v20.zip  (af77a45ae1d682dda8bb914f63ddce6f)

0 / 68
http://dl15.afterdawn.com/download/8bc680d7be163795ebbc95b25e1a1a89/5796e825/.../install_flash_player_osx_11.5.502.110.dmg  (install_flash_player_osx_11.5.502.110.man)

0 / 68
http://dl15.afterdawn.com/download/cf92fa53f178507b703b225a21a36ce1/56917e18/.../wrar531b1.exe  (96bfa3b74de949dc1d92de512af3fb1b)

1 / 68      (PUP)
http://dl15.afterdawn.com/download/47f1c508618d456491c791ef5543224c/576660c0/.../BearShare_v10.0.0.131750.exe  (bearsharev10.exe)

0 / 68
http://dl15.afterdawn.com/download/3f7bfaeb5d9745bf01b27d30b537c4af/5776d741/.../BitLord_1.01.exe  (bitlord_1.1.exe)

6 / 68      (false positives)
http://dl15.afterdawn.com/download/46d0d12d8e26bd093000ea36bf0dc311/5634aff0/.../FreeYouTubeDownload_v4.0.4.1027.exe  (freeyoutubedownload.exe)

1 / 68      (Malware)
http://dl15.afterdawn.com/download/78cac1af3ae86ae2ff79cd5e46ab548b/56e988eb/.../pf7-setup-en-7.2.1.exe  (50b1f49a475ac83fcfde2d08c4a547f8)

0 / 68
http://dl15.afterdawn.com/download/306426a5ff7a868744976b354f32328b/577b917e/.../utorrent-3.0.25570.x64.exe  (uTorrent.exe)

0 / 68
http://dl15.afterdawn.com/download/4c5c650f71e859dc774c856bbed021a4/578a54a6/.../SRTtoSSA_v1.0.zip  (7c1f8888-170e-2dea-3f51-a23a8a0ee8a7_1d1e04116534700)

0 / 68
http://dl15.afterdawn.com/download/0771eac918bd4dba74345ca6da6c5582/5727f060/.../MPC-HC.1.7.10.86.x86.VS2015.exe  (9088f83d38fda3eb96937b2b872fb275)

1 / 68      (PUP)
http://dl15.afterdawn.com/download/b0616955813a6ca0f225317ae2b8835d/576b1872/.../youtube_downloader_hd_setup_v2.9.9.27.exe  (youtube_downloader_hd_setup.exe)

0 / 68
http://dl15.afterdawn.com/download/17a4e1437543d7540ddd2a88d857a9e6/575ff827/.../mp3DC222.exe  (8173f18fcac6e1a58f3b372e24fdcad9)

0 / 68
http://dl15.afterdawn.com/download/4040701b84380db3e7893cc46b29f178/573b72a7/.../tor-browser-2.2.35-6_en-US.exe  (bde5e7ead534d129f577f135db9e891f)

0 / 68
http://dl15.afterdawn.com/download/45b8597fddeaf839a708d478cd6b232f/576ce275/.../PowerISO_v6.2.exe  (poweriso6.exe)

0 / 68
http://dl15.afterdawn.com/download/45097d02e62282764ae9a095b3e877e3/57447090/.../PowerISO_v6.2-x64.exe  (poweriso6-x64.exe)

0 / 68
http://dl15.afterdawn.com/download/b00df3c7a873b5fb982abac23bd3f595/5766f777/.../w7inst_v1.4.2.0.exe  (w7inst142.exe)

0 / 68
http://dl15.afterdawn.com/download/c8252f02ea2b4353571c804d15c03556/5743d277/.../install_flashplayer11x32_mssd_aih_11.6.602.180.exe  (install_flashplayer11x32_mssa_aih.exe)

0 / 68
http://dl15.afterdawn.com/download/b10155fe273fd9f0781fff817c956007/576cd0de/.../BlueStacks-ThinInstaller_0.6.3.2208.exe  (ab7ebbe2e81d0ac843d048080554ba5f)

0 / 68
http://dl15.afterdawn.com/download/06e8b0519909588a1820772a4b27cd7d/57652934/.../wmminst_1.2.exe  (0b2cc5baa051da5aca278986258d8321)

0 / 68
http://dl15.afterdawn.com/download/642d3c37cc92b02afca7672f3eb9de87/574c43ad/.../ppviewer.exe  (1facc59a11680d1f828ed5118a0270b1)

1 / 68      (PUP)
http://dl15.afterdawn.com/download/9164bf026ad74664c50cb64aa8a16894/573c9782/.../FreeYTVDownloader_v4.1.10.511.exe  (1559bcd4_stp.exe)

1 / 68
http://dl15.afterdawn.com/download/85c73fcca2f06bdaad464886f9eb3349/57354997/.../AMCapSetup_v9.22.exe  (AMCapSetup.exe)

0 / 68
http://dl15.afterdawn.com/download/614b95d55851e0c2731597cfe4f97716/57530189/.../dvdshrink32setup1.zip  (dvdshrink32setup.zip)

0 / 68
http://dl15.afterdawn.com/download/90d24aaf27023251cc96a007376f873d/574a8b43/.../Firefox_Setup_2.0.0.20.exe  (firefox-2.exe)

1 / 68      (PUP)
http://dl15.afterdawn.com/download/4e77db696ce84a55b2fb673749c8b3fa/5756e781/.../BearShare_v10.0.0.131750.exe  (bearsharev10.exe)

8 / 68      (PUP)
http://dl15.afterdawn.com/download/90c67a97dc2b916b5bda8af447b52042/56e31db7/.../FreeYouTubeDownload_v4.1.1.118.exe  (freeyoutubedownload.exe)

0 / 68
http://dl15.afterdawn.com/download/a9adefcbfd7405facebc10de10b1cd95/57320ed9/.../w7inst_v1.4.2.0.exe  (w7inst142.exe)

0 / 68
http://dl15.afterdawn.com/download/0b87c8a094d2dc82af0275d09260a53c/56ee899a/.../w7inst_v1.4.2.0.exe  (w7inst142.exe)

0 / 68
http://dl15.afterdawn.com/download/9d74195358379395748c9aa8a5d997d7/574a7b83/.../w7inst_v1.4.2.0.exe  (w7inst142.exe)

0 / 68
http://dl15.afterdawn.com/download/838e546256eef32777e79695852710e7/5741d5b4/.../install_flashplayer11x32_mssd_aih_11.6.602.180.exe  (install_flashplayer11x32_mssa_aih.exe)

 
Latest 30 of 196 download URLs

The following file have been seen to comunicate with dl15.afterdawn.com in live environments.

TCP » 46.165.222.193:80
8dda4b771a8b9ff7908171c045da8d64.exe

URL:
http://dl15.afterdawn.com/

Google Analytics:
UA-2099875

Title:
“AfterDawn: Software downloads”

Description:
“Large selection of reviewed shareware and freeware software.”

download.fi

blasteroids.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.