home

files.1download.io

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:
1download.io

Scanner detections:
Detections  (90% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Air Software, PUP.Bundler.Vittalia, Threat.Air Software.Bundler, PUP.Vittalia.Bundler, PUP.Vittalia.InstallHelper.Installer (M), PUP.Air Software.DownloadAssistant.Bundler (M), PUP.DownloadAssistant.Bundler.Installer.Meta (M), PUP.Vittalia.InstallH.Installer (M), PUP.Air Software.Download.Bundler (M), PUP.Vittalia (M), PUP.Air Software (M)
97.22%

ESET NOD32
Win32/DownloadAssistant.A potentially unwanted application, Detection.Undefined, Win32/DownloadAssistant.B potentially unwanted application
36.11%

Dr.Web
Trojan.DownLoader12.16985, Trojan.Vittalia.13, Trojan.Vittalia.17, Trojan.DownLoader12.14838, Trojan.Vittalia.18, Trojan.Vittalia.30
30.56%

AVG
Generic, Potentially harmful program DownloadAssistant.A
30.56%

NANO AntiVirus
Trojan.Win32.DownLoader12.dncixg, Trojan.Win32.Vittalia.dqfrig
27.78%

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.Jaik.5699, Gen:Variant.Application.Bundler.AirInstaller.5
25.00%

Emsisoft Anti-Malware
Gen:Variant.Application.Bundler.Jaik.5699, Gen:Variant.Application.Bundler.AirInstaller
25.00%

F-Secure
Riskware.Gen:Variant.Application.Bundler
25.00%

VIPRE Antivirus
Threat.4782985
25.00%

MicroWorld eScan
Gen:Variant.Application.Bundler.Jaik.5699, Gen:Variant.Application.Bundler.AirInstaller.5
25.00%

Malwarebytes
PUP.Optional.DownloadAssistant, PUP.Optional.BundleInstaller.A, PUP.Optional.InstallHelper.C
25.00%

Bitdefender
Gen:Variant.Application.Bundler.Jaik.5699, Gen:Variant.Application.Bundler.AirInstaller.5
25.00%

G Data
Gen:Variant.Application.Bundler.Jaik.5699, Gen:Variant.Application.Bundler.AirInstaller
25.00%

Panda Antivirus
Generic Suspicious, Trj/Genetic.gen
25.00%

avast!
Win32:Dropper-gen [Drp], Win32:Adware-CKN [PUP], Win32:Adware-CKF [PUP], Win32:Adware-CKC [PUP]
25.00%

The domain files.1download.io has been seen to resolve to the following IP address.

54.68.129.119
ec2-54-68-129-119.us-west-2.compute.amazonaws.com
May 15, 2015

File downloads found at URLs served by files.1download.io.

1 / 68      (Adware)
http://files.1download.io/.../download_vlc_media_player.php  (setup_vlc_media_player.exe)

1 / 68      (Adware)
http://files.1download.io/.../download_vlc_media_player_64bit_2-2-0.php?tr=b&flag=us&cid=8870844c-c631-b373-c3f0-027ebc0c15d7&prd=&cmp=VLC Player 2015.US&adid=&kw=vlc&qs=&mt=&sl=&tv=v1.04b&geo=  (setup_vlc_media_player_2.2.0_64bit.exe)

1 / 68      (Adware)
http://files.1download.io/.../download_vlc_media_player.php?cid=1274571035.1425255723&flag=us  (setup_vlc_media_player.exe)

1 / 68      (Adware)
http://files.1download.io/.../download_minecraft.php?cid=38926423.1424374900&flag=us  (setup_minecraft.exe)

1 / 68      (Adware)
http://files.1download.io/.../download_minecraft.php?cid=2057067608.1423874699  (setup_minecraft.exe)

1 / 68      (Adware)
http://files.1download.io/.../download_firefox_37-0-1.php?tr=b&flag=us&cid=5a801bb6-c51a-d4cb-2773-9ff5c42031c1&prd=&cmp=Mozilla Firefox.US&adid=7590583862&kw=firefox&qs=youtube download addon for firefox&mt=p&sl=s0&tv=v2.0&geo=us  (setup_firefox.exe)

1 / 68      (Adware)
http://files.1download.io/.../download_firefox.php?cid=551321441.1425069317&flag=int  (setup_firefox.exe)

1 / 68      (Adware)
http://files.1download.io/.../download_internet_download_manager.php?cid=1352548687.1424495860&flag=us  (setup_internet_download_manager.exe)

1 / 68      (Adware)
http://files.1download.io/.../download_winrar_64bit.php?cid=2041204847.1423961609  (setup_winrar_64bit.exe)

0 / 68
http://files.1download.io/appsv1/.../JavaSetup8u40.exe  (0ed6fd8b4046871e2921c9e3d09343fb)

1 / 68      (Adware)
http://files.1download.io/.../download_nitro_pro.php?tr=b&flag=us&cid=dbfb38d0-85e5-3607-45d8-21add98d11d9&prd=&cmp=Nitro Pro.US&adid=8562992047&kw=nitro pdf free&qs=nitro pdf free&mt=e&sl=s0&tv=v4.0&geo=us&dl=0&dlpn=none  (setup_nitro_pro.exe)

1 / 68
http://files.1download.io/appsv1/.../winrar-x64-521.exe  (9b6f7231533f04b75f3b3c86cb9d0117)

1 / 68      (Adware)
http://files.1download.io/.../download_winrar_64bit_5-21.php?tr=b&flag=us&cid=1837542408.1426998973&prd=  (setup_winrar_64bit.exe)

1 / 68      (Adware)
http://files.1download.io/.../download_adobe_reader.php?tr=b&flag=us&cid=294251333.1426774831&prd=  (setup_adobe_reader.exe)

1 / 68      (Adware)
http://files.1download.io/.../download_winrar_64bit.php?cid=1859013239.1424998500&flag=int  (setup_winrar_64bit.exe)

1 / 68      (Adware)
http://files.1download.io/.../download_winrar_64bit.php?cid=1040352049.1425257408&flag=int  (setup_winrar_64bit.exe)

1 / 68      (Adware)
http://files.1download.io/.../download_winrar_64bit.php?cid=1739922301.1424905869&flag=us  (setup_winrar_64bit.exe)

22 / 68    (Adware)
http://files.1download.io/.../download_flash_player_17.php?tr=b&flag=us&cid=e5ffa2e7-6888-4741-80b0-7f3aaa5304aa&prd=&cmp=Flash Player.US&adid=8553613154&kw=adobe flash player&qs=about plugins&mt=b&sl=s0&tv=v1.04b&geo=us  (setup_adobe_flash_player.exe)

22 / 68    (Adware)
http://files.1download.io/.../download_flash_player_17.php?tr=b&flag=us&cid=8444a671-8ef1-7f58-ef23-7612e9861c0f&prd=&cmp=Flash Player&adid=7592942638&kw=flash&qs=flash&mt=e&sl=s0&tv=v1.04b&geo=us  (setup_adobe_flash_player.exe)

0 / 68
http://files.1download.io/appsv1/.../jre-8u31-windows-x64.exe  (a1e56496869c6cad9169ad723a2ccf82)

0 / 68
http://files.1download.io/appsv1/.../vlc-2.2.0-rc2-win32.exe  (1471d4d60300866c97404c0368427ed0)

1 / 68      (PUP)
http://files.1download.io/.../download_vlc_media_player.php?cid=751747635.1425117770&flag=int  (setup_vlc_media_player.exe)

19 / 68    (Adware)
http://files.1download.io/.../download_adobe_reader.php?tr=b&flag=us&cid=658228023.1426465675&prd=  (setup_adobe_reader.exe)

1 / 68      (Adware)
http://files.1download.io/.../download_winrar_64bit.php?cid=1432139608.1424207313&flag=us  (setup_winrar_64bit.exe)

19 / 68    (Adware)
http://files.1download.io/.../download_adobe_reader_b1.php?tr=b&flag=us&cid=1319042753.1427946087&prd=&cmp=Adobe Reader&adid=&kw=free adobe reader download&qs=download&mt=b&sl=&tv=v1.04b-1&geo=  (setup_adobe_reader.exe)

1 / 68      (Adware)
http://files.1download.io/.../download_adobe_reader.php?tr=b&flag=us&cid=101805764.1427248273&prd=  (setup_adobe_reader.exe)

1 / 68      (Adware)
http://files.1download.io/.../download_java_update_8u40.php?tr=b&flag=us&cid=92dd9437-e209-bea4-00a7-2635e8f4db5a&prd=&cmp=Java SE.US&adid=7590601661&kw=free java&qs=free java&mt=e&sl=s0&tv=v1.04b&geo=us  (setup_java_update.exe)

1 / 68      (Adware)
http://files.1download.io/.../download_picasa.php?flag=us&cid=1805973976.1426179036&prd=  (setup_picasa.exe)

1 / 68      (Adware)
http://files.1download.io/.../download_java_update_8u40.php?tr=b&flag=us&cid=&prd=  (setup_java_update.exe)

19 / 68    (Adware)
http://files.1download.io/.../download_adobe_reader.php?tr=b&flag=int&cid=439a52b1-00a7-0882-340a-1aa3125bcc6e&prd=&cmp=Adobe Reader.UK&adid=8555510864&kw=adobe reader&qs=adobe reader&mt=e&sl=s0&tv=v1.04b&geo=uk  (setup_adobe_reader.exe)

 
Latest 30 of 39 download URLs

The following file have been seen to comunicate with files.1download.io in live environments.

TCP » 54.68.129.119:80
setup_adobe_reader.exe (Adobe Reader by Install Helper)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.