download.downloadinfo100.com

Corp New Ventures Services

Domain Information

The domain download.downloadinfo100.com registered by Corp New Ventures Services was initially registered in December of 2015 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Registrar:
SHINING STAR DOMAINS, LLC

Server location:
Arizona, United States (US)

Create date:
Sunday, December 27, 2015

Expires date:
Tuesday, December 27, 2016

Updated date:
Sunday, January 3, 2016

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.QuickDownloader.H, PUP.Installer.Adlogica, PUP.Adlogica.SoftDownloads.Bundler (M), PUP.Adlogica.QuickDownloader.Bundler (M), PUP.installCore.DownloadSafely.Installer (M), PUP.Adlogica.SoftDown.Bundler (M), PUP.Adlogica (M)
100.00%

Dr.Web
Trojan.Packed.28678, Trojan.InstallCore.7
19.05%

VIPRE Antivirus
Threat.4786018, Threat.4150696
19.05%

K7 AntiVirus
Unwanted-Program , Trojan
19.05%

F-Prot
W32/Outbrowse.B2.gen, W32/InstallCore.AC.gen
14.29%

Agnitum Outpost
PUA.OutBrowse, PUA.InstallCore
14.29%

ESET NOD32
Win32/OutBrowse.AY, Win32/InstallCore.QH (variant)
14.29%

AVG
Generic
14.29%

Malwarebytes
PUP.Optional.OutBrowse, PUP.Optional.Outbrowse
9.52%

Avira AntiVirus
APPL/Downloader.Gen, ADWARE/InstallCore.Gen
9.52%

ESET NOD32
Win32/InstallCore.UQ potentially unwanted application, Win32/InstallCore.QH potentially unwanted application
9.52%

Sophos
PUA 'Install Core Click run software'
9.52%

NANO AntiVirus
Riskware.Win32.InstallCore.dhpyjp
9.52%

Comodo Security
Application.Win32.InstallCore.YA
9.52%

herdProtect (fuzzy)
a variant of c0171165c98401c3334174a299eed610636c0e26, a variant of b36696f03e5be5894069181a95c431e0fbb26ad4
9.52%

The domain download.downloadinfo100.com has been seen to resolve to the following 6 IP addresses.

January 4, 2016

ip-184-168-221-60.ip.secureserver.net
October 29, 2015

August 12, 2015

August 12, 2015

October 20, 2014

October 20, 2014

File downloads found at URLs served by download.downloadinfo100.com.

The following 13 files have been seen to comunicate with download.downloadinfo100.com in live environments.

URL:
http://download.downloadinfo100.com/

Web server:
Apache