home

dl5.iq8download.com

InstallX, LLC

Domain Information

The domain dl5.iq8download.com registered by Whois Privacy Shield Services was initially registered in February of 2016 through ENOM, INC.. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States. The domain uses the Amazon Web Services (AWS) cloud computing platform. The domain is associated with the publisher InstallX, LLC who is located in Sartell, Minnesota in the United States.
Registrar:
LEONIDAS, LLC

Server location:
Virginia, United States (US)

Create date:
Thursday, February 11, 2016

Expires date:
Saturday, February 11, 2017

Updated date:
Sunday, February 14, 2016

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Root domain:
iq8download.com

Whois:
6 iq8download.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.W3i.M, PUP.Installer.W3i.V, PUP.Installer.W3i.W, PUP.Installer.W3i.R, PUP.Installer.W3i.N, PUP.Installer.W3i.U, PUP.InstallX.W3i.Installer (M), PUP.InstallX.W3i (M), PUP.InstallX (M)
100.00%

Sophos
InstallQ
65.96%

Trend Micro House Call
TROJ_GEN.R0CBH0ABF14, TROJ_GEN.F47V1114, TROJ_SPNR.0CA214, TROJ_GEN.R00JH0ALJ13, TROJ_GEN.R0CBH0AID13, TROJ_FAKEAV.BMC, TROJ_GEN.F47V1003, TROJ_GEN.R0C1H01H913
63.83%

Dr.Web
Adware.Downware.888, Adware.W3i.9, Trojan.Domaiq.225, Adware.W3i.4
63.83%

ESET NOD32
Win32/InstallIQ (variant), Win32/InstallIQ.A potentially unwanted (variant)
63.83%

VIPRE Antivirus
InstallIQ Installer, Trojan.Win32.Generic
61.70%

Avira AntiVirus
APPL/InstallIQ.Gen5, Adware/InstallC.B.1, PUA/InstallIQ.Gen5
59.57%

Malwarebytes
PUP.Optional.InstallIQ.A
57.45%

K7 AntiVirus
Unwanted-Program , Trojan
48.94%

Comodo Security
UnclassifiedMalware, Application.Win32.InstallIQ.NTZK
48.94%

McAfee
Artemis!772480DBD233, Artemis!B42519620ED3, Artemis!7AA77A9C1E24, Artemis!F008A5420B73, Artemis!F5D376FA74BF, Artemis!0DC21F8310B4, Artemis!32CBB271DCA1, Artemis!9DAE36631201
48.94%

Trend Micro
TROJ_FAKEAV.BMC, TROJ_SPNR.0CA214, TROJ_SPNR.0CI312, TROJ_GEN.R0C1C0OL414, TROJ_SPNR.15A115, TROJ_GEN.FCBCBLA
42.55%

Baidu Antivirus
Trojan.Win32.InstallIQ, Trojan.Win32.Agent, Adware.Win32.InstallIQ
42.55%

Rising Antivirus
PE:PUF.InstallIQ!1.9E4F, PE:Trojan.Win32.Generic.14A41BA7!346299303
40.43%

MicroWorld eScan
APPL/InstallIQ.Gen5, Adware/InstallC.B.1, Win32/InstallIQ, Trojan.GenericKDV.1157022
38.30%

The domain dl5.iq8download.com has been seen to resolve to the following 4 IP addresses.

146.148.34.125
125.34.148.146.bc.googleusercontent.com
February 15, 2016

54.210.47.225
ec2-54-210-47-225.compute-1.amazonaws.com
February 15, 2016

8.5.1.32
May 4, 2015

72.21.81.128
December 27, 2013

File downloads found at URLs served by dl5.iq8download.com.

1 / 68      (Adware)
http://dl5.iq8download.com/lm/.../musicwallpapers.exe  (7d0c435c0d8d169d05c018523044c078)

13 / 68    (Adware)
http://dl5.iq8download.com/dynamic/standard/.../nuancepdf_d165400.exe  (50e01db97c141aead6ed8b932134ee46)

22 / 68    (Adware)
http://dl5.iq8download.com/lm/.../movie_player_1280.exe  (772480dbd233bc58c70ed776623bbce1)

1 / 68      (Adware)
http://dl5.iq8download.com/lm/.../amazinguniversess.exe  (10093e78f10139a8ab3588a4381e136f)

1 / 68      (Adware)
http://dl5.iq8download.com/lm/.../virtualdub.exe  (1a05f108826d37c6cdb0477e64f7d9fc)

14 / 68    (Adware)
http://dl5.iq8download.com/dynamic/standard/.../7zip_installer_d634434.exe  (7zip_installer_d793198.exe)

24 / 68    (Adware)
http://dl5.iq8download.com/dynamic/standard/.../musicoasis_d639020.exe  (musicoasis.exe)

1 / 68      (Adware)
http://dl5.iq8download.com/lm/.../marine2aw.exe  (24b9e025b4912fc13e18f0b20699d70d)

31 / 68    (Adware)
http://dl5.iq8download.com/lm/.../dolphin.exe  (6c86777de0e4d7cf13c6a70b511fb32e)

14 / 68    (Adware)
http://dl5.iq8download.com/dynamic/standard/.../7zip_installer_d705464.exe  (7zip_installer_d793198.exe)

1 / 68      (Adware)
http://dl5.iq8download.com/lm/.../mplayer_installer_2083.exe  (7d0b79fa37cf64e9206b0d78947fa2e2)

9 / 68      (Adware)
http://dl5.iq8download.com/dynamic/standard/.../pdfsplitandmerge_freely_d157194.exe  (1eb0452dd38a1a396334669ae2b87dce)

30 / 68    (Adware)
http://dl5.iq8download.com/lm/.../openfreely_1296.exe  (c8ac8d157e48341cc7b44185003e2410)

17 / 68    (Adware)
http://dl5.iq8download.com/dynamic/standard/.../gimp_d151632.exe  (b16f42acb27fd54139f642dfb897133f)

27 / 68    (Adware)
http://dl5.iq8download.com/dynamic/standard/.../frzfonts_d165396.exe  (9dae3663120172b7cce386ca0f2a65b9)

12 / 68    (Adware)
http://dl5.iq8download.com/dynamic/standard/.../finalmediaplayer_2_d222790.exe  (32cbb271dca1591bac2875a1f1adc6f4)

20 / 68    (Adware)
http://dl5.iq8download.com/lm/.../freeeditor_1787.exe  (b7fdcc7e42e3cdd606f30239344cc7c2)

1 / 68      (Adware)
http://dl5.iq8download.com/lm/.../applianflv.exe  (8b8b727a45e3d8aa00d241c31a564be8)

12 / 68    (Adware)
http://dl5.iq8download.com/dynamic/standard/.../converterlite_d166363.exe  (b42519620ed311db20a40ca9c178ed67)

12 / 68    (Adware)
http://dl5.iq8download.com/lm/.../games.exe  (f_000326)

21 / 68    (Adware)
http://dl5.iq8download.com/lm/.../jenkatarcade.exe  (jenkatarcade_d151613.exe)

1 / 68      (Adware)
http://dl5.iq8download.com/lm/.../soundfxhalloween.exe  (c38b5afcd180a2d0f185b49185e4dc25)

1 / 68      (Adware)
http://dl5.iq8download.com/lm/.../fbdownloader.exe  (3589e96c11d5778e3482f5eff3790935)

1 / 68      (Adware)
http://dl5.iq8download.com/dynamic/standard/.../playpickle_d249631.exe  (af55faf53022528d1e8bb17e7fce14b8)

1 / 68      (Adware)
http://dl5.iq8download.com/dynamic/standard/.../audacity_app_d312095.exe  (7a6414a90b1c8aa78a406dd8fea5672f)

1 / 68      (Adware)
http://dl5.iq8download.com/lm/.../speeditup3_1769.exe  (4734e6db0448f2cb192071df5e79fb0d)

12 / 68    (Adware)
http://dl5.iq8download.com/dynamic/standard/.../gimp_gh_d154021.exe  (17d620fc2fbaee71cf5979bfef127088)

8 / 68      (Adware)
http://dl5.iq8download.com/dynamic/standard/.../mplayer_tuguu_d1018394.exe  (mplayer_tuguu_d998157.exe)

21 / 68    (Adware)
http://dl5.iq8download.com/dynamic/standard/.../expertpdf7_d165399.exe  (expertpdf7_d146487.exe)

35 / 68    (Adware)
http://dl5.iq8download.com/lm/.../marine2.exe  (0492853abd5e7ae5f1935d945bf4d629)

 
Latest 30 of 136 download URLs

The following 6 files have been seen to comunicate with dl5.iq8download.com in live environments.

TCP » 54.210.47.225:80
online-guardian-v2.0.9.exe

TCP » 146.148.34.125:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 54.210.47.225:80
GoogleUpdate.exe (Google Update Services by Google lnc)

TCP » 146.148.34.125:80
online-guardian-v2.0.9.exe

TCP » 146.148.34.125:25
remwepqixynn.exe

TCP » 54.210.47.225:80
rtplugin.crx

TCP » 8.5.1.32:80
chrome.crx

URL:
http://dl5.iq8download.com/

Google Analytics:
UA-48689684

Title:
“iq8download.com”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx

installiq.com

freeze.com

screensaver.com

wallpapers.com

w3i.net

wallery.com

iq6download.com

iq7download.com

iq9download.com

iq10download.com

v32installer.com

v41installer.com

via3installer.com

vic5installer.com

1337xproxy.in

1clickdownloader.com

1dschool.com

1flymusic.com

1freesoftwareonline.com

215115638.com

360adstrack.com

4god.biz

4shared.net

55tjk.com

acidco.net

adexprt.me

adjalauto.com

adsclever.com

adsobject.com

adsservingowl.biz

30 of 631 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.