home

dll-wn.net

Starline Alliance LTD.

Domain Information

The domain dll-wn.net registered by Starline Alliance LTD. was initially registered in September of 2014 through PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Austin, Texas within the United States which resides on the YHC Corporation network.
Registrar:
PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM

Server location:
Texas, United States (US)

Create date:
Monday, September 22, 2014

Expires date:
Thursday, September 22, 2016

Updated date:
Wednesday, September 23, 2015

ASN:
AS40034 CONFLUENCE-NETWORK-INC - Confluence Networks Inc,VG

Whois:
2 dll-wn.net records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.ROSA.a, PUP.Installer.SOFTON.d, PUP.Installer.ROSA.EE, PUP.SOFTON.S, PUP.Installer.SOFTON.b, PUP.Installer.ROSA.e, PUP.Installer.ROSA.h, PUP.Installer.ROSA.i, Threat.SOFTON, PUP.ROSA.Installer (M), PUP.SOFTON.Installer (M), PUP.SOFTON (M), PUP (M)
100.00%

Avira AntiVirus
APPL/Downloader.Gen4, APPL/Downloader.Gen9
30.95%

AVG
Generic, Downloader, Potentially harmful program Downloader.CAW
30.95%

avast!
Win32:Rootkit-gen [Rtk], Win32:Malware-gen, Win32:Trojan-gen, Win32:Dropper-gen [Drp]
28.57%

Agnitum Outpost
Riskware.Agent
26.19%

Dr.Web
Trojan.Packed.29079, Trojan.Packed.29217
23.81%

ESET NOD32
Win32/bmMedia.CS, Win32/bmMedia.DN (variant), Win32/bmMedia.CW, Win32/bmMedia.DL (variant)
21.43%

VIPRE Antivirus
Threat.4150696, Trojan.Win32.Generic
14.29%

F-Prot
W32/A-12625e94, W32/A-f5ab4d7a, W32/A-c271ccc6
14.29%

Emsisoft Anti-Malware
Gen:Variant.Kazy.483613, Gen:Variant.Graftor.162037
11.90%

Bitdefender
Gen:Variant.Kazy.483613, Gen:Variant.Graftor.162037
11.90%

NANO AntiVirus
Trojan.Win32.BmMedia.didzhh, Trojan.Win32.BmMedia.dkibgt, Trojan.Win32.BmMedia.didyuq
11.90%

G Data
Gen:Variant.Kazy.483613, Gen:Variant.Graftor.162037
11.90%

IKARUS anti.virus
Win32.SuspectCrc, PUA.bmMedia, PUA.Downloader
11.90%

Malwarebytes
PUP.Optional.Lind
11.90%

The domain dll-wn.net has been seen to resolve to the following 2 IP addresses.

209.99.40.222
209-99-40-222.fwd.datafoundry.com
October 12, 2015

206.54.160.89
October 24, 2014

File downloads found at URLs served by dll-wn.net.

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=codebreaker v10.iso on pcsx2&url=&nor=1&lid=wdm&sub=nn1405000nn2nnDD1_2014-10-21T05:28:08.688281 00:00nn  (codebreaker_v10.iso_on_pcsx2_99jsz.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=ccna 2 packet tracer labs&url=&nor=1&lid=wdm&sub=nn1405000nn2nnDD1_2014-10-20T03:44:11.017187 00:00nn  (ccna_2_packet_tracer_labs_65ffn.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=kamehasutra full color english&url=&nor=1&lid=wdm&sub=nn2265000nn0nnDD1_2014-10-20T16:23:50.532483 00:00nn  (kamehasutra_full_color_english_03ovh.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=gta 4 autorun exe&url=&nor=1&lid=wdm&sub=nn1460000nn0nnDD1_2014-10-22T13:15:52.364220 00:00nn  (gta_4_autorun_exe_02mhi.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=raag bhairavi bandish&url=&nor=1&lid=wdm&sub=nn1405000nn2nnDD1_2014-10-27T12:06:26.971860 00:00nn  (raag_bhairavi_bandish_84xfh.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=trike bobber&url=&nor=1&lid=wdm&sub=nn1460000nn0nnDD1_2014-10-24T00:09:31.479646 00:00nn  (trike_bobber_95fmg.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=les jeux de ben 10 ultimate alien gratuit&url=&nor=1&lid=wdm&sub=nn1405000nn0nnDD1_2014-10-27T14:02:51.325518 00:00nn  (les_jeux_de_ben_10_ultimate_alien_gratuit_53zhj.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=inner thigh surgery&url=&nor=1&lid=wdm&sub=nn1460000nn0nnDD1_2014-10-22T22:02:14.213883 00:00nn  (inner_thigh_surgery_26vhz.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=sparx enterprise architect 9.3&url=&nor=1&lid=wdm&sub=nn1500000nn0nnDD1_2014-10-23T07:50:35.098660 00:00nn  (sparx_enterprise_architect_9.3_30c5w.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=blog musique mc duc&url=&nor=1&lid=wdm&sub=nn1405000nn0nnDD1_2014-10-23T11:04:38.464923 00:00nn  (blog_musique_mc_duc_61pct.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=minecraft custom capes mod&url=&nor=1&lid=wdm&sub=nn1405000nn0nnDD1_2014-10-19T23:15:56.723019 00:00nn  (minecraft_custom_capes_mod_25hz7.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=hamdy a taha solution manual&url=&nor=1&lid=wdm&sub=nn1405000nn2nnDD1_2014-10-19T09:12:12.846141 00:00nn  (hamdy_a_taha_solution_manual_67lfx.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=blood pen&url=&nor=1&lid=wdm&sub=nn1460000nn0nnDD1_2014-10-23T05:00:33.153909 00:00nn  (blood_pen_26wou.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=nhl symbol&url=&nor=1&lid=wdm&sub=nn1460000nn0nnDD1_2014-10-26T01:43:03.085612 00:00nn  (nhl_symbol_78owm.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=game ragnarok battle offline ex4&url=&nor=1&lid=wdm&sub=nn1405000nn2nnDD1_2014-10-25T13:48:57.881490 00:00nn  (game_ragnarok_battle_offline_ex4_69wwy.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=telecharger tpw 1.5 gratuit pour windows 7 32bit&url=&nor=1&lid=wdm&sub=nn1500000nn0nnDD1_2014-10-25T13:05:02.430524 00:00nn  (telecharger_tpw_1.5_gratuit_pour_windows_7_32bit_45wqr.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=telecharger tpw 1.5 gratuit pour windows 7 32bit&url=&nor=1&lid=wdm&sub=nn1500000nn0nnDD1_2014-10-25T13:05:06.805972 00:00nn  (telecharger_tpw_1.5_gratuit_pour_windows_7_32bit_17evr.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=admin template for web applications&url=&nor=1&lid=wdm&sub=nn1405000nn2nnDD1_2014-10-21T10:33:21.528660 00:00nn  (admin_template_for_web_applications_06om7.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=jeux gratuit adibou en ligne&url=&nor=1&lid=wdm&sub=nn1405000nn0nnDD1_2014-10-18T20:47:40.822748 00:00nn  (jeux_gratuit_adibou_en_ligne_41oqv.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=bmi calculator kg cm chart&url=&nor=1&lid=wdm&sub=nn1460000nn0nnDD1_2014-10-27T10:06:39.262939 00:00nn  (bmi_calculator_kg_cm_chart_08slh.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=ielts testbuilder 2&url=&nor=1&lid=wdm&sub=nn1405000nn0nnDD1_2014-10-22T06:26:37.920673 00:00nn  (ielts_testbuilder_2_72ku2.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=partition piano jena lee j aimerais tellement gratuite&url=&nor=1&lid=wdm&sub=nn1405000nn0nnDD1_2014-10-23T15:32:01.049254 00:00nn  (partition_piano_jena_lee_j_aimerais_tellement_gratuite_52p0u.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=airsoft guns for sale walmart&url=&nor=1&lid=wdm&sub=nn1460000nn0nnDD1_2014-10-18T15:13:29.695321 00:00nn  (airsoft_guns_for_sale_walmart_38s6k.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=jeu de carte pouilleux gratuit&url=&nor=1&lid=wdm&sub=nn1405000nn0nnDD1_2014-10-20T08:01:49.566805 00:00nn  (jeu_de_carte_pouilleux_gratuit_033nj.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=Links Protegidos (Mega)&url=&nor=1&lid=wdm&sub=nn1835000nn7nnDD1_2014-10-22T22:49:13.742218 00:00nn  (links_protegidos_mega__37ntz.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=driver epson t50 xp&url=&nor=1&lid=wdm&sub=nn1500000nn0nnDD1_2014-10-19T10:49:18.882912 00:00nn  (driver_epson_t50_xp_04vof.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=Drivers.rar&url=&nor=1&lid=wdm&sub=nn1500000nn0nnDD1_2014-10-19T10:49:32.912338 00:00nn  (drivers.rar_47n5r.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=change clocks&url=&nor=1&lid=wdm&sub=nn1460000nn0nnDD1_2014-10-20T16:26:57.257104 00:00nn  (change_clocks_557mb.exe)

12 / 68    (Adware)
http://dll-wn.net/?id=t4e1b&name=gza liquid swords zip&url=&nor=1&lid=wdm&sub=nn1405000nn2nnDD1_2014-10-25T01:55:13.819910 00:00nn  (gza_liquid_swords_zip_13lac.exe)

1 / 68      (Adware)
http://dll-wn.net/?id=t4e1b&name=word 2007 full version torrent&url=&nor=1&lid=wdm&sub=nn1405000nn2nnDD1_2014-10-20T12:00:07.666872 00:00nn  (word_2007_full_version_torrent_35hut.exe)

 
Latest 30 of 42 download URLs

The following 47 files have been seen to comunicate with dll-wn.net in live environments.

TCP » 209.99.40.222:80
UCBrowser.exe (by UCWeb)

TCP » 209.99.40.222:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 209.99.40.222:80
ContentFinder.exe (ContentFinder by ContentFinder Software)

TCP » 209.99.40.222:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 209.99.40.222:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 209.99.40.222:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 209.99.40.222:80
hkcmd.exe (Intel Common User Interface by Intel)

TCP » 209.99.40.222:80
ContentFinder.exe (ContentFinder by DigitalSoftware Group)

TCP » 209.99.40.222:80
jingling.exe

TCP » 209.99.40.222:80
online-guardian-v2.0.9.exe

TCP » 209.99.40.222:80
msn.exe

TCP » 209.99.40.222:80
apptrailers.exe

TCP » 209.99.40.222:80
y03fd24.tmp

TCP » 209.99.40.222:80
lliseconc8.exe

TCP » 209.99.40.222:80
megacubo.exe (Megacubo by www.megacubo.net)

TCP » 209.99.40.222:80
messengertime.exe

TCP » 209.99.40.222:80
ContentSinder.exe (ContentSinder by ContentSinder Company)

TCP » 209.99.40.222:80
jingling.exe

TCP » 209.99.40.222:80
jingling.exe

TCP » 209.99.40.222:80
browser.exe (speed browser by Smart Applications)

 
Latest 20 of 53 files

URL:
http://dll-wn.net/

Web server:
Apache

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.