dn.yourfiledownloader.com

Via Advertising Group Limited

Domain Information

The domain dn.yourfiledownloader.com registered by Whois Privacy Corp. was initially registered in April of 2012 through INTERNET.BS CORP.. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Dublin, Dublin City within Ireland which resides on the Amazon Technologies Inc. network. The domain is associated with the publisher Via Advertising Group Limited who is located in Nicosia, CY.
Registrar:
INTERNET DOMAIN SERVICE BS CORP

Server location:
Dublin City, Ireland (IE)

Create date:
Thursday, April 26, 2012

Expires date:
Tuesday, April 26, 2016

Updated date:
Sunday, December 13, 2015

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.ViaAdvertisingGroupLimited.Q, PUP.ViaAdvertisingGroupLimited.R, PUP.ViaAdvertisingGroupLimited.S, PUP.ViaAdvertisingGroupLimited.J, PUP.Via Advertising.ViaAdver.Bundler (M), PUP.Via Advertising (M)
100.00%

McAfee
Artemis!BA792B193973, Artemis!F12E0521859D, Artemis!CB29C630728E, Artemis!ACD966385438, Artemis!91F5287BC48E, Artemis!1BE7D1994F2A, Artemis!23D3A26BA0FE, Artemis!942EF68139F1
25.53%

avast!
Win32:Downloader-UBW [Adw], Win32:Downloader-UGW [PUP], Win32:Downloader-UEO [PUP]
25.53%

VIPRE Antivirus
Via Advertising
25.53%

ESET NOD32
Win32/YourFileDownloader (variant), Win32/ExpressDownloader (variant)
25.53%

Trend Micro House Call
TROJ_GEN.F47V0623, TROJ_SPNR.28I112, TROJ_GEN.F47V0827, TROJ_SPNV.03KD13, TROJ_GEN.F47V0920, TROJ_SPNR.08JG12, TROJ_GEN.F47V0316
25.53%

Dr.Web
Adware.Downware.1140, Tool.DownLoader.42, Adware.Downware.1451, Adware.Downware.747
23.40%

Sophos
YourFile Downloader, Generic PUA FO, Generic PUA KH, Mal/Generic-S, Generic PUA BL
23.40%

Fortinet FortiGate
Riskware/YourFileDownloader, W32/SPNR.28JG12!tr, Adware/Fam.NB, W32/SPNR.08LB12!tr
23.40%

AVG
BundleApp_r.B, Dropper.Generic7, Skodna.Generic_c, Adware Generic_r, Skodna.Generic_r
23.40%

K7 AntiVirus
Riskware, Unwanted-Program , Riskware , Trojan
23.40%

G Data
Win32.Application.ExpressDownloader, Adware.Generic.589825, Adware.Generic.584252, Adware.Generic.574535, Win32.Trojan.Agent.BAF3CQ
19.15%

Malwarebytes
PUP.Optional.YourFileDownloader, PUP.Optional.YourfileDownloader
17.02%

IKARUS anti.virus
AdWare.Win32.YFileDownloader, PUA.ExpressDownloader.I, PUA.Expressdownloader
17.02%

NANO AntiVirus
Riskware.Win32.Amonetize.cvaajw
17.02%

The domain dn.yourfiledownloader.com has been seen to resolve to the following 6 IP addresses.

ns1.ibspark.com
May 15, 2016

199.195.196.180.static.midphase.com
September 21, 2015

209.95.43.22.static.midphase.com
May 3, 2015

November 12, 2014

ec2-54-72-9-51.eu-west-1.compute.amazonaws.com
August 1, 2014

December 26, 2013

File downloads found at URLs served by dn.yourfiledownloader.com.

1 / 68      (Adware)

7 / 68      (Adware)

14 / 68    (Adware)

1 / 68      (Adware)

1 / 68      (Adware)
http://dn.yourfiledownloader.com/.../CVxSUilYH18VeA904Qwjf  (inis_gjoni_video_seksi_nudo_downloader.exe)

 
Latest 30 of 573 download URLs

The following 367 files have been seen to comunicate with dn.yourfiledownloader.com in live environments.

 
Latest 20 of 392 files

URL:
http://dn.yourfiledownloader.com/

Title:
“SmileFiles”

Web server:
nginx/1.2.1 (PHP/5.4.45-0+deb7u2)

Facebook:
Shares:  1

Statistics are for the previous month.