The domain dn.goforfiles.com registered by Righway Technologies, Inc. was initially registered in August of 2012 through INTERNET.BS CORP.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Belfast, Northern Ireland within United Kingdom which resides on the RIPE Network Coordination Centre network.
Registrant:
Righway Technologies, Inc.
Registrar:
INTERNET DOMAIN SERVICE BS CORP
Server location:
Northern Ireland, United Kingdom (GB)
Create date:
Thursday, August 16, 2012
Expires date:
Tuesday, August 16, 2016
Updated date:
Friday, December 11, 2015
Scanner detections:
Detections (94% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.RighwayTechnologies.c, PUP.RighwayTechnologies.j, PUP.RighwayTechnologies.p, PUP.RighwayTechnologies.R, PUP.RighwayTechnologies.Q, PUP.RighwayTechnologies.?, Threat.Win.Reputation.IMP, PUP.Via Advertising.RighwayTechnologies.Bundler (M), Win32.Generic, PUP.Via Advertising.RighwayT.Bundler (M)
96.97%
ESET NOD32
Win32/ExpressDownloader (variant), Win32/YourFileDownloader (variant)
75.76%
VIPRE Antivirus
ExpressFiles Installer, Yontoo
72.73%
McAfee
Artemis!DF3B28428CBF, Artemis!767228F5C58C, Artemis!EA4F5E984CF2, Artemis!FD3BB23E84E6, Artemis!7B998F57FCBC, Artemis!75828DD12967, Artemis!D59ACD337F6E, Artemis!1DD42C91BE13, Artemis!C452BBCA28D5, Artemis!301B31FB93A0
51.52%
Malwarebytes
PUP.Optional.GoForFiles.A
51.52%
Trend Micro House Call
TROJ_GEN.F47V0607, TROJ_GEN.F47V0507, TROJ_GEN.F47V0827, TROJ_GEN.F47V0412, TROJ_GEN.F47V0920, TROJ_GEN.F47V0430, TROJ_GEN.F47V0531
48.48%
AhnLab V3 Security
PUP/Win32.ExpressFiles
39.39%
K7 AntiVirus
Unwanted-Program
36.36%
herdProtect (fuzzy)
a variant of 38d054df87991c3cf7077b3c6f79e571e45b6c06, a variant of 70c31e5239b6e20f6a169124260e85b7d5923fce, a variant of b478c5e5a00e5093d854268b716c67a8f8975203
36.36%
Dr.Web
Adware.Downware.1204, Tool.DownLoader.52, Adware.Downware.11081
27.27%
avast!
Win32:PUP-gen [PUP], Win32:Malware-gen, Win32:Dropper-gen [Drp]
24.24%
NANO AntiVirus
Riskware.Win32.Babylon.craswq, Trojan.Win32.Babylon.csuksh
21.21%
AVG
Skodna.Generic_r
21.21%
Fortinet FortiGate
Adware/YourFileDownloader, W32/YourFileDownloader.B
18.18%
The domain dn.goforfiles.com has been seen to resolve to the following 3 IP addresses.
unallocated.barefruit.co.uk
May 3, 2015
mail.goforfiles.com
May 23, 2014
File downloads found at URLs served by dn.goforfiles.com.
Latest 30 of 293 download URLs
The following 230 files have been seen to comunicate with dn.goforfiles.com in live environments.