home

dl2.appzona.net

N/A

Domain Information

The domain dl2.appzona.net registered by N/A was initially registered in February of 2015 through DOMAINCONTEXT, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Pokrovka, Primor'Ye within Russia which resides on the RIPE Network Coordination Centre network.
Registrar:
DOMAINCONTEXT, INC.

Server location:
Primor'Ye, Russia (RU)

Create date:
Tuesday, February 17, 2015

Expires date:
Friday, February 17, 2017

Updated date:
Wednesday, January 27, 2016

ASN:
AS42244 ESERVER Hosting Operator eServer.ru Ltd.

Root domain:
appzona.net

Whois:
2 appzona.net records

Scanner detections:
Detections  (97% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.DestinyMedia, Threat.Win.Reputation.IMP, PUP.DestinyMedia.Installer (M), PUP.DestinyM.Installer (M), Win32.Generic, PUP (M)
100.00%

Dr.Web
Program.Zona.41, riskware program Program.Zona.41, Program.Zona.34, riskware program Program.Zona.34
57.58%

Bkav FE
W32.HfsAdware
54.55%

Zillya! Antivirus
Downloader.Adload.Win32.17823, Downloader.Adload.Win32.18418, Downloader.Adload.Win32.18417, Downloader.Adload.Win32.19854
54.55%

K7 AntiVirus
Unwanted-Program , Adware
54.55%

avast!
Win32:ZvuZona-I [PUP], Win32:ZvuZona-M [PUP]
54.55%

Kaspersky
not-a-virus:Downloader.Win32.AdLoad
54.55%

NANO AntiVirus
Riskware.Win32.Zona.dqfxyb, Trojan.Win32.AdLoad.dohigr
54.55%

Comodo Security
Application.Win32.ZvuZona.A
54.55%

G Data
Win32.Application.ZvuZona, Application.Bundler.BR, Application.Generic.1157643
54.55%

AhnLab V3 Security
Win-PUP/ZonaInstaller, PUP/Win32.Downloader, PUP/Win32.Helper, PUP/Win32.ZonaInstaller
54.55%

McAfee
ZvuZona, Program.ZvuZona
54.55%

Panda Antivirus
Trj/CI.A, Generic Suspicious
54.55%

Rising Antivirus
PE:PUF.Zona!1.9E06, PE:Trojan.Win32.Generic.18E9AA9C!417966748, PE:PUF.Zona!1.9E06[F1]
54.55%

AVG
Generic
54.55%

The domain dl2.appzona.net has been seen to resolve to the following IP address.

46.254.18.90
hosted-by.ihc.ru
May 6, 2015

File downloads found at URLs served by dl2.appzona.net.

3 / 68      (PUP)
http://dl2.appzona.net/ZonaSetup_latest.exe  (2f839b188a1ef70754be83aa1e576daf)

1 / 68      (PUP)
http://dl2.appzona.net/tmp/f1/e8/.../poliglot._vyuchim_angliyskiy_1-16.exe  (ca2a34adc4fba0216dd576e8887abe94)

35 / 68    (PUP)
http://dl2.appzona.net/.../ZonaSetup_latest_0.exe  (zonasetup_latest.exe)

40 / 68    (PUP)
http://dl2.appzona.net/.../ZonaSetup_latest_13.exe  (zonasetup_latest.exe)

1 / 68      (PUP)
http://dl2.appzona.net/tmp/d5/88/.../wwe_raw_14.11_2011_satrip_wrestling.exe  (e34917d9b06eaacb47ea8ef853969be0)

1 / 68      (PUP)
http://dl2.appzona.net/tmp/4e/42/.../naruto_shippuden_ultimate_ninja_storm_3.exe  (24f2c8d8c9d9b5c68b9b852ec70f19d6)

37 / 68    (PUP)
http://dl2.appzona.net/.../ZonaSetup_latest_91.exe  (zonasetup_latest.exe)

37 / 68    (PUP)
http://dl2.appzona.net/partner/tmp/39/93/.../ZonaSetup_latest.exe  (a94d7106c01b842046aecace9f12933e)

0 / 68
http://dl2.appzona.net/.../jre_latest.exe  (jre-8u40-windows-i586.exe)

1 / 68      (PUP)
http://dl2.appzona.net/tmp/b4/20/.../photoscape_3.5_2009_russkiy.exe  (7363259103622b2a140d2cca32f75083)

27 / 68    (PUP)
http://dl2.appzona.net/tmp/a9/e7/.../garik_sukachev_luchshie_pesni_2007_rock_mp3.exe  (2060cb421a22764fd4fcd6de2b60d81e)

33 / 68    (PUP)
http://dl2.appzona.net/tmp/8f/3b/.../p roevolutionsoccer6_2003.exe  (zonawebsetup.exe)

The following 3 files have been seen to comunicate with dl2.appzona.net in live environments.

TCP » 46.254.18.90:80
zonasetup_latest.exe (Zona installer by Destiny Media)

TCP » 46.254.18.90:80
zonasetup_latest.exe (Zona installer by Destiny Media)

TCP » 46.254.18.90:80
zonasetup_latest.exe (Zona installer by Destiny Media)

URL:
http://dl2.appzona.net/

Web server:
nginx/1.8.0

getz.tv

zonainst.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.