home

download555.net

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain download555.net is registered by proxy through ENOM, INC. and was originally registered in April of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Seattle, Washington within the United States which resides on the The Endurance International Group, Inc. network.
Registrar:
ENOM, INC.

Server location:
Washington, United States (US)

Create date:
Wednesday, April 30, 2014

Expires date:
Thursday, April 30, 2015

Updated date:
Wednesday, April 30, 2014

ASN:
AS29873 BIZLAND-SD - The Endurance International Group, Inc.,US

Whois:
1 download555.net record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

McAfee
Artemis!08566C143686, PUP-FBM, Artemis!766716672007
100.00%

Malwarebytes
PUP.Optional.Amonetize.A
100.00%

Kaspersky
not-a-virus:HEUR:AdWare.Win32.Amonetize, not-a-virus:AdWare.Win32.Amonetize
100.00%

Qihoo 360 Security
Win32/Virus.Adware.932, Win32/Trojan.Adware.37e, Win32/Application.c7d
100.00%

Reason Heuristics
Threat.Win.Reputation.IMP, PUP.Installer.Wilmaonline.F
100.00%

MicroWorld eScan
Adware.Generic.939761, Application.Bundler.Amonetize.L, Gen:Variant.Application.Bundler.Amonetize.12
100.00%

Bitdefender
Adware.Generic.939761, Application.Bundler.Amonetize.L, Gen:Variant.Application.Bundler.Amonetize.12
100.00%

Lavasoft Ad-Aware
Adware.Generic.939761, Application.Bundler.Amonetize.L, Gen:Variant.Application.Bundler.Amonetize.12
100.00%

F-Secure
Adware.Generic.939761, Application.Bundler.Amonetize, Gen:Variant.Application.Bundler
100.00%

G Data
Adware.Generic.939761, Application.Bundler.Amonetize, Gen:Variant.Application.Bundler.Amonetize.12
100.00%

VIPRE Antivirus
Amonetize
66.67%

avast!
Win32:Amonetize-AX [PUP], Win32:Amonetize-BX [PUP]
66.67%

Sophos
Amonetize
66.67%

Avira AntiVirus
ADWARE/Adware.Gen2
66.67%

AhnLab V3 Security
PUP/Win32.Amonetiz
66.67%

The domain download555.net has been seen to resolve to the following IP address.

66.96.147.105
105.147.96.66.static.eigbox.net
August 17, 2014

File downloads found at URLs served by download555.net.

24 / 68    (PUP)
http://download555.net/.../h  (clash of clans hack v3 5 downloader__3687_i624904529_il12339075.exe)

24 / 68    (PUP)
http://download555.net/.../r  (windows7watremover2014__7821_il2155.exe)

15 / 68    (Adware)
http://download555.net/.../q  (setup.exe)

15 / 68    (Adware)
http://download555.net/.../e  (setup.exe)

The following 3 files have been seen to comunicate with download555.net in live environments.

TCP » 66.96.147.105:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 66.96.147.105:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 66.96.147.105:80
online-guardian-v2.0.9.exe

URL:
http://download555.net/

Web server:
Apache/2

quiosque-online.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.