download2.manycam.com

Visicom Media Inc.

Domain Information

The domain download2.manycam.com registered by Visicom Media Inc. was initially registered in March of 2006 through DNC HOLDINGS, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dulles, Virginia within the United States. The domain uses the Amazon Cloudfront CDN service which utilizes a number of proxy IP Addresses (see below).
Registrar:
DNC HOLDINGS, INC.

Server location:
Virginia, United States (US)

Create date:
Wednesday, March 22, 2006

Expires date:
Monday, March 22, 2021

Updated date:
Wednesday, November 20, 2013

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:

Scanner detections:
Detections  (74% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.ManyCamVirtualWebcam.VisicomMedia.M, PUP.ManyCamVirtualWebcam.VisicomMedia.Z, PUP.ManyCamVirtualWebcam.VisicomMedia.W, PUP.Visicom.ManyCam (L), Threat.Win.Reputation.IMP, Win32.Generic, PUP.Visicom.Toolbar.Installer.Meta (M), PUP.Visicom.VisicomM.Installer.Meta (M)
70.00%

Rising Antivirus
PE:PUA.Infector!1.9C44, NS:Malware.Install!1.9F62, PE:Malware.XPACK/RDM!5.1
30.00%

ESET NOD32
Win32/Toolbar.Visicom (variant), Win32/Bundled.Toolbar.Ask (variant)
27.50%

Trend Micro House Call
TROJ_GEN.F47V1023, TROJ_GEN.F47V0203, TROJ_GEN.F47V0305
22.50%

Dr.Web
Tool.InstallToolbar.129, Tool.InstallToolbar.174, hacktool program Tool.InstallToolbar.189
20.00%

Malwarebytes
PUP.Optional.MyStartTB.A
10.00%

Emsisoft Anti-Malware
Win32.Parite
10.00%

Vba32 AntiVirus
TrojanDownloader.Genome
10.00%

Agnitum Outpost
PUA.Toolbar.Ask, Riskware.InstallToolbar
7.50%

Bkav FE
W32.HfsAdware
5.00%

AVG
Generic
5.00%

ESET NOD32
Win32/Toolbar.Visicom.F potentially unwanted application
2.50%

The domain download2.manycam.com has been seen to resolve to the following 131 IP addresses.

server-52-85-147-206.iad12.r.cloudfront.net
August 27, 2016

server-52-85-147-125.iad12.r.cloudfront.net
August 27, 2016

server-52-85-147-111.iad12.r.cloudfront.net
August 27, 2016

server-52-85-147-93.iad12.r.cloudfront.net
August 27, 2016

server-52-85-147-83.iad12.r.cloudfront.net
August 27, 2016

server-52-85-147-47.iad12.r.cloudfront.net
August 27, 2016

server-52-85-147-44.iad12.r.cloudfront.net
August 27, 2016

server-52-85-147-216.iad12.r.cloudfront.net
August 27, 2016

server-52-84-127-156.iad16.r.cloudfront.net
August 26, 2016

server-52-84-127-142.iad16.r.cloudfront.net
August 26, 2016

server-52-84-127-135.iad16.r.cloudfront.net
August 26, 2016

server-52-84-127-83.iad16.r.cloudfront.net
August 26, 2016

server-52-84-127-74.iad16.r.cloudfront.net
August 26, 2016

server-52-84-127-45.iad16.r.cloudfront.net
August 26, 2016

server-52-84-127-7.iad16.r.cloudfront.net
August 26, 2016

server-52-84-127-184.iad16.r.cloudfront.net
August 26, 2016

server-52-85-147-40.iad12.r.cloudfront.net
August 24, 2016

server-52-85-147-18.iad12.r.cloudfront.net
August 24, 2016

server-52-85-147-249.iad12.r.cloudfront.net
August 24, 2016

server-52-85-147-215.iad12.r.cloudfront.net
August 24, 2016

server-52-85-147-167.iad12.r.cloudfront.net
August 24, 2016

server-52-85-147-148.iad12.r.cloudfront.net
August 24, 2016

server-52-85-147-138.iad12.r.cloudfront.net
August 24, 2016

server-52-85-147-115.iad12.r.cloudfront.net
August 24, 2016

server-54-230-194-24.iad53.r.cloudfront.net
July 29, 2016

server-54-230-194-250.iad53.r.cloudfront.net
July 29, 2016

server-54-230-194-244.iad53.r.cloudfront.net
July 29, 2016

server-54-230-194-157.iad53.r.cloudfront.net
July 29, 2016

server-54-230-194-147.iad53.r.cloudfront.net
July 29, 2016

server-54-230-194-141.iad53.r.cloudfront.net
July 29, 2016

 
Showing 30 of 131 IP Addresses

File downloads found at URLs served by download2.manycam.com.

1 / 68      (inconclusive)
http://download2.manycam.com/ManyCam.exe  (cf3c9c741d59f39508027a1b5c55e340)

1 / 68      (Adware)

1 / 68      (Adware)
http://download2.manycam.com/ManyCamSetup_v4.1.2.exe  (9ef75ac8555bdd6812c487dfd1160a69)

1 / 68      (PUP)

1 / 68      (PUP)

5 / 68      (PUP)

The following 32 files have been seen to comunicate with download2.manycam.com in live environments.

 
Latest 20 of 73 files

URL:
http://download2.manycam.com/

Network:
Amazon Cloudfront

SSL certificate subject:
CN=*.manycam.com, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/resources/cps (c)15, OU=GT36371141

SSL certificate issuer:
CN=RapidSSL SHA256 CA - G3, O=GeoTrust Inc., C=US

Web server:
cloudflare-nginx

Compete.com:
US visitors:  34

Statistics are for the previous month.