The domain dll-wn.net, registered by Starline Alliance LTD., was first registered in September of 2014 through PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM. This domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are located in Austin, Texas, in the United States, on the YHC Corporation network.
Registrant: Starline Alliance LTD.
Registrar: PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM
Server location: Texas, United States (US)
Create date: Monday, September 22, 2014
Expires date: Thursday, September 22, 2016
Updated date: Wednesday, September 23, 2015
ASN: AS40034 CONFLUENCE-NETWORK-INC - Confluence Networks Inc,VG
Scanner detections:
Detections (100% detected)
Scan engine | Details | Detections
Reason Heuristics | PUP.Installer.ROSA.a, PUP.Installer.SOFTON.d, PUP.Installer.ROSA.EE, PUP.SOFTON.S, PUP.Installer.SOFTON.b, PUP.Installer.ROSA.e, PUP.Installer.ROSA.h, PUP.Installer.ROSA.i, Threat.SOFTON, PUP.ROSA.Installer (M), PUP.SOFTON.Installer (M), PUP.SOFTON (M), PUP (M) | 100.00%
Avira AntiVirus | APPL/Downloader.Gen4, APPL/Downloader.Gen9 | 30.95%
AVG | Generic, Downloader, Potentially harmful program Downloader.CAW | 30.95%
avast! | Win32:Rootkit-gen [Rtk], Win32:Malware-gen, Win32:Trojan-gen, Win32:Dropper-gen [Drp] | 28.57%
Agnitum Outpost | Riskware.Agent | 26.19%
Dr.Web | Trojan.Packed.29079, Trojan.Packed.29217 | 23.81%
ESET NOD32 | Win32/bmMedia.CS, Win32/bmMedia.DN (variant), Win32/bmMedia.CW, Win32/bmMedia.DL (variant) | 21.43%
VIPRE Antivirus | Threat.4150696, Trojan.Win32.Generic | 14.29%
F-Prot | W32/A-12625e94, W32/A-f5ab4d7a, W32/A-c271ccc6 | 14.29%
Emsisoft Anti-Malware | Gen:Variant.Kazy.483613, Gen:Variant.Graftor.162037 | 11.90%
Bitdefender | Gen:Variant.Kazy.483613, Gen:Variant.Graftor.162037 | 11.90%
NANO AntiVirus | Trojan.Win32.BmMedia.didzhh, Trojan.Win32.BmMedia.dkibgt, Trojan.Win32.BmMedia.didyuq | 11.90%
G Data | Gen:Variant.Kazy.483613, Gen:Variant.Graftor.162037 | 11.90%
IKARUS anti.virus | Win32.SuspectCrc, PUA.bmMedia, PUA.Downloader | 11.90%
Malwarebytes | PUP.Optional.Lind | 11.90%
The domain dll-wn.net has been seen to resolve to the following 2 IP addresses.
209-99-40-222.fwd.datafoundry.com
October 12, 2015
File downloads found at URLs served by dll-wn.net.
Latest 30 of 42 download URLs
The following 47 files have been seen to communicate with dll-wn.net in live environments.