The domain download.bragdownload.com, registered by Web Domains By Proxy, was initially registered in May of 2014 through PAKNIC (PRIVATE) LIMITED. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Phoenix, Arizona, in the United States, on the CloudFlare, Inc. network. The domain uses the CloudFlare CDN, a distributed domain name server service that uses a number of reverse proxy IP addresses (see below).
Registrant:
Web Domains By Proxy
Registrar:
PAKNIC (PRIVATE) LIMITED
Server location:
Arizona, United States (US)
Create date:
Thursday, May 8, 2014
Expires date:
Sunday, May 8, 2016
Updated date:
Sunday, April 12, 2015
ASN:
AS13335 CLOUDFLARENET - CloudFlare, Inc.,US
Scanner detections:
Detections (98% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.Installer.KOMPANIYAR.s, PUP.Installer.Ukra2006.c, PUP.Installer.Ukra2006.?, PUP.Installer.Ukra2006.j, PUP.Installer.Ukra2006., Threat.Win.Reputation.IMP, PUP.Amonetize.Ukra2006.Bundler (M), PUP.ROSA.Installer (M), PUP.SOFTON (M), PUP.Amonetize (M), PUP (M)
100.00%
ESET NOD32
Win32/Amonetize.BG (variant), Win32/Amonetize.BI (variant), Win32/Amonetize.BD (variant), Win32/Amonetize.BM (variant), Win32/Amonetize.BN (variant)
51.02%
Malwarebytes
PUP.Optional.Amonetize, PUP.Optional.Downloader, PUP.Optional.Bundler
48.98%
AVG
Generic, Ukra, Generic_r, Downloader.Generic14
48.98%
AhnLab V3 Security
PUP/Win32.Amonetiz, PUP/Win32.Amonetize
46.94%
Sophos
Amonetize, Generic PUA NE, Generic PUA BB, Generic PUA DH, Generic PUA MK, Generic PUA EM
40.82%
Avira AntiVirus
APPL/Amonetize.Z, ADWARE/Adware.Gen2, APPL/Amonetize.htzw, Adware/Amonetize.519376.14, ADWARE/Adware.Gen4
38.78%
McAfee
Artemis!31B02308E008, Artemis!4F61E97FE9CA, Artemis!F944E17DC248, Artemis!BD3DBA338E1A, PUP-Amonetize, Artemis!14C3E2563669, Artemis!EC3FF334ACCB, Artemis!3D9BA073B2C4, Artemis!B16D14AD9DF2, PUP-FQT, Artemis!DCED91D72516, Artemis!0175C95AB9CE, Artemis!9CC5E2F42BD8, Artemis!456DA58E6E25
36.73%
Baidu Antivirus
Adware.Win32.Amonetize
34.69%
Dr.Web
Adware.Downware.5913, Adware.Downware.8012, Adware.Downware.8379, Adware.Bundle.5, Adware.Downware.8564, Adware.Downware.8618
32.65%
NANO AntiVirus
Riskware.Win32.Amonetize.dcckkw, Riskware.Win32.Amonetize.dchxoa, Riskware.Win32.Amonetize.ddabxo, Riskware.Win32.Amonetize.ddtnan
30.61%
Agnitum Outpost
PUA.Amonetize
30.61%
G Data
Win32.Application.Amonetize, Application.Bundler.Amonetize, Gen:Variant.Application.Bundler.Amonetize.12, Gen:Variant.Application.Bundler.Amonetize.11
28.57%
Panda Antivirus
Trj/CI.A, Trj/Genetic.gen, W32/Sality.AO
26.53%
MicroWorld eScan
Application.Bundler.Amonetize.N, Gen:Variant.Application.Bundler.Amonetize.10, Gen:Variant.Application.Bundler.Amonetize.12, Gen:Variant.Application.Bundler.Amonetize.11, Gen:Variant.Graftor.161218, Adware.Generic.1028683
22.45%
The domain download.bragdownload.com has been seen to resolve to the following 2 IP addresses.
File downloads found at URLs served by download.bragdownload.com.
Latest 30 of 138 download URLs
URL:
http://download.bragdownload.com/
SSL certificate subject:
CN=sni62458.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated
SSL certificate issuer:
CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB
Web server:
cloudflare-nginx