» files4.downloadmanager149.com
Overview
Analysis
IPs Addresses (100)
Downloads (276)
Network (643)

files4.downloadmanager149.com

Domains By Proxy, LLC (Proxy Registrant)

Domain Information

The domain files4.downloadmanager149.com is registered by proxy through GODADDY.COM, LLC and was originally registered in September of 2015. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Cambridge, Massachusetts within the United States which resides on the Akamai Technologies, Inc. network.

Registrant:

Domains By Proxy, LLC

Registrar:

GODADDY.COM, LLC

Server location:

Massachusetts, United States (US)

Create date:

Wednesday, September 2, 2015

Expires date:

Friday, September 2, 2016

Updated date:

Wednesday, September 2, 2015

Root domain:

downloadmanager149.com

Whois:

1 downloadmanager149.com record

Scanner detections:

Detections (95% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.DownloadAdmin.Recode.Installer (M), PUP.FindwideToo.Installer (M), PUP.TomorrowSoftware.PowerPlayMedia.Bundler (M), PUP.DownloadAdmin.Sundex.Installer (M), PUP.TomorrowSoftware.TrustedInstallSoftware.Installer (M), PUP.TomorrowSoftware.TrueStreet.Installer (M), PUP.DownloadAdmin.FullSpectrumInteractive.Installer (M), PUP.Tightrope.PourOverDigital.Bundler (M), PUP.DownloadAdmin.SafeInstallSoftware.Installer (M), PUP.DownloadAdmin.Groovecom.Installer (M), PUP.TomorrowSoftware.GoldenBanners.Bundler (M), PUP.TomorrowSoftware.UprightMedia.Installer (M), PUP.TomorrowSoftware.TrustedI.Bundler (M), PUP.TomorrowSoftware.PowerPla.Bundler (M), PUP.DownloadAdmin.Grooveco.Installer (M), PUP.TomorrowSoftware.TrueStre.Installer (M), PUP.TomorrowSoftware.UprightM.Installer (M)

94.44%

VIPRE Antivirus

Trojan.Win32.Generic, Threat.4721115

25.00%

G Data

Gen:Variant.Application.Bundler.DownloadAdmin, Win32.Trojan.Agent.NKNX5P

22.22%

ESET NOD32

Win32/DownloadAdmin.P potentially unwanted (variant)

22.22%

AVG

Generic, Win32/Sality

22.22%

MicroWorld eScan

Gen:Variant.Application.Bundler.DownloadAdmin.4

19.44%

Bitdefender

Gen:Variant.Application.Bundler.DownloadAdmin.4

19.44%

F-Secure

Gen:Variant.Application.Bundler

19.44%

Dr.Web

Trojan.Vittalia.884, Trojan.Vittalia.963, Trojan.Vittalia.1074, Trojan.Vittalia.961, Trojan.Vittalia.1198, Win32.Sector.30

19.44%

Bkav FE

W32.HfsAdware

16.67%

McAfee

Artemis!15C783916007, Artemis!A0CD4A49149D, Artemis!224A13399DFF, Artemis!9C054EA85BAD, Artemis!AD8E3B6ACF3E

16.67%

Fortinet FortiGate

Riskware/DownloadAdmin

16.67%

Agnitum Outpost

Riskware.Agent

13.89%

K7 AntiVirus

Adware

13.89%

Rising Antivirus

PE:Malware.Generic/QRS!1.9E2D [F], PE:Adware.DownloadAdmin!1.A243 [F]

11.11%

The domain files4.downloadmanager149.com has been seen to resolve to the following 100 IP addresses.

23.219.88.158

a23-219-88-158.deploy.static.akamaitechnologies.com

August 25, 2016

23.219.88.159

a23-219-88-159.deploy.static.akamaitechnologies.com

August 25, 2016

104.96.221.81

a104-96-221-81.deploy.static.akamaitechnologies.com

July 22, 2016

104.96.221.58

a104-96-221-58.deploy.static.akamaitechnologies.com

July 22, 2016

104.96.221.138

a104-96-221-138.deploy.static.akamaitechnologies.com

July 22, 2016

104.96.221.107

a104-96-221-107.deploy.static.akamaitechnologies.com

July 22, 2016

104.96.221.99

a104-96-221-99.deploy.static.akamaitechnologies.com

July 22, 2016

23.15.7.136

a23-15-7-136.deploy.static.akamaitechnologies.com

July 20, 2016

23.15.7.104

a23-15-7-104.deploy.static.akamaitechnologies.com

July 20, 2016

23.15.7.153

a23-15-7-153.deploy.static.akamaitechnologies.com

July 20, 2016

23.15.8.66

a23-15-8-66.deploy.static.akamaitechnologies.com

July 17, 2016

104.96.220.193

a104-96-220-193.deploy.static.akamaitechnologies.com

July 17, 2016

104.96.220.224

a104-96-220-224.deploy.static.akamaitechnologies.com

July 17, 2016

23.62.6.74

a23-62-6-74.deploy.static.akamaitechnologies.com

July 7, 2016

23.62.6.91

a23-62-6-91.deploy.static.akamaitechnologies.com

July 7, 2016

23.15.9.18

a23-15-9-18.deploy.static.akamaitechnologies.com

July 7, 2016

23.15.9.58

a23-15-9-58.deploy.static.akamaitechnologies.com

July 7, 2016

23.15.8.33

a23-15-8-33.deploy.static.akamaitechnologies.com

July 6, 2016

23.15.8.89

a23-15-8-89.deploy.static.akamaitechnologies.com

July 6, 2016

23.62.6.104

a23-62-6-104.deploy.static.akamaitechnologies.com

June 28, 2016

23.220.148.11

a23-220-148-11.deploy.static.akamaitechnologies.com

June 6, 2016

118.214.160.177

a118-214.160-177.deploy.akamaitechnologies.com

May 25, 2016

118.214.160.176

a118-214.160-176.deploy.akamaitechnologies.com

May 25, 2016

104.96.220.233

a104-96-220-233.deploy.static.akamaitechnologies.com

May 16, 2016

104.96.220.226

a104-96-220-226.deploy.static.akamaitechnologies.com

May 16, 2016

104.96.220.203

a104-96-220-203.deploy.static.akamaitechnologies.com

May 16, 2016

104.96.220.248

a104-96-220-248.deploy.static.akamaitechnologies.com

May 16, 2016

104.96.220.241

a104-96-220-241.deploy.static.akamaitechnologies.com

May 16, 2016

104.96.220.217

a104-96-220-217.deploy.static.akamaitechnologies.com

May 16, 2016

65.158.47.43

May 16, 2016

Showing 30 of 100 IP Addresses

File downloads found at URLs served by files4.downloadmanager149.com.

1 / 68 (PUP)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=ID&cb=-978139814&osName=unknown&browserName=unknown&zTmp=1&executable=1196763 (kmpaddedcode_oppercd.exe)

1 / 68 (Adware)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=SA&cb=-706978454&osName=unknown&browserName=unknown&zTmp=1&executable=1197167 (kmpaddedcode_oppercd.exe)

1 / 68 (Adware)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=PT&cb=-1589556030&osName=unknown&browserName=unknown&zTmp=1&executable=1197925 (additionaloffers-setup.exe)

1 / 68 (Adware)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=VN&cb=-775493798&osName=unknown&browserName=unknown&zTmp=1&executable=1197925 (kmpaddedcode_oppercd.exe)

1 / 68 (Adware)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=EG&cb=-139254797&osName=unknown&browserName=unknown&zTmp=1&executable=1197171 (kmpaddedcode_oppercd.exe)

1 / 68 (Adware)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&cb=1276660889&osName=unknown&browserName=unknown&zTmp=1&executable=1197167 (kmpaddedcode_oppercd.exe)

23 / 68 (PUP)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=BD&cb=-1965229636&osName=unknown&browserName=unknown&zTmp=1&executable=1197159 (kmpaddedcode_oppercd.exe)

1 / 68 (Adware)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=IR&cb=1158997034&osName=unknown&browserName=unknown&zTmp=1&executable=1197925 (additionaloffers-setup.exe)

23 / 68 (Adware)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=BD&cb=-1528259021&osName=unknown&browserName=unknown&zTmp=1&executable=1197925 (additionaloffers-setup.exe)

1 / 68 (Adware)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=BG&cb=1238200533&osName=unknown&browserName=unknown&zTmp=1&executable=1197167 (kmpaddedcode_oppercd.exe)

1 / 68 (Adware)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=DZ&cb=-1382432593&osName=unknown&browserName=unknown&zTmp=1&executable=1196457 (additionaloffers-setup.exe)

1 / 68 (Adware)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=VN&cb=445529215&osName=unknown&browserName=unknown&zTmp=1&executable=1196843 (additionaloffers-setup.exe)

23 / 68 (Adware)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=ID&cb=-245143414&osName=unknown&browserName=unknown&zTmp=1&executable=1197925 (additionaloffers-setup.exe)

1 / 68 (Adware)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=IR&cb=1551047222&osName=unknown&browserName=unknown&zTmp=1&executable=1197925 (additionaloffers-setup.exe)

15 / 68 (Adware)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=TH&cb=-821777213&osName=unknown&browserName=unknown&zTmp=1&executable=1197171 (additionaloffers-setup.exe)

1 / 68 (Adware)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=US&cb=889593671&osName=unknown&browserName=unknown&zTmp=1&executable=1197925 (additionaloffers-setup.exe)

1 / 68 (Adware)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=IN&cb=-1517480437&osName=unknown&browserName=unknown&zTmp=1&executable=1196807 (kmpaddedcode_oppercd.exe)

15 / 68 (Adware)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=TH&cb=1960259876&osName=unknown&browserName=unknown&zTmp=1&executable=1197171 (additionaloffers-setup.exe)

19 / 68 (Adware)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=BD&cb=303726218&osName=unknown&browserName=unknown&zTmp=1&executable=1197167 (additionaloffers-setup.exe)

1 / 68 (Adware)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=IR&cb=-956612898&osName=unknown&browserName=unknown&zTmp=1&executable=1197925 (additionaloffers-setup.exe)

1 / 68 (Adware)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=VN&cb=1461683176&osName=unknown&browserName=unknown&zTmp=1&executable=1196807 (kmpaddedcode_oppercd.exe)

1 / 68 (PUP)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=UA&cb=936332881&osName=unknown&browserName=unknown&zTmp=1&executable=1196813 (additionaloffers-setup.exe)

1 / 68 (PUP)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=RO&cb=-1160259953&osName=unknown&browserName=unknown&zTmp=1&executable=1196791 (additionaloffers-setup.exe)

1 / 68 (Adware)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=IN&cb=-1232636797&osName=unknown&browserName=unknown&zTmp=1&executable=1197171 (kmpaddedcode_oppercd.exe)

1 / 68 (Adware)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=IR&cb=683839014&osName=unknown&browserName=unknown&zTmp=1&executable=1197171 (kmpaddedcode_oppercd.exe)

13 / 68 (PUP)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=IN&cb=935861198&osName=unknown&browserName=unknown&zTmp=1&executable=1197159 (kmpaddedcode_oppercd.exe)

1 / 68 (PUP)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=BG&cb=954090173&osName=unknown&browserName=unknown&zTmp=1&executable=1196763 (additionaloffers-setup.exe)

1 / 68 (Adware)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=ID&cb=-1132028971&osName=unknown&browserName=unknown&zTmp=1&executable=1196843 (kmpaddedcode_oppercd.exe)

14 / 68 (Adware)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=SA&cb=-268707820&osName=unknown&browserName=unknown&zTmp=1&executable=1197171 (additionaloffers-setup.exe)

1 / 68 (PUP)

http://files4.downloadmanager149.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=BG&cb=1740790415&osName=unknown&browserName=unknown&zTmp=1&executable=1196849 (kmpaddedcode_oppercd.exe)

Latest 30 of 276 download URLs

The following 643 files have been seen to comunicate with files4.downloadmanager149.com in live environments.

TCP » 104.112.235.19:80

TBNotifier.exe (Ask TBNotifier by APN)

TCP » 184.51.126.50:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.104:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.90:443

kometa.exe (Kometa by Kometa Authors)

TCP » 184.51.126.49:80

updateadmin.exe

TCP » 184.51.126.83:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.104:80

plugin.exe

TCP » 184.51.126.105:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.49:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.90:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.105:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.105:443

citrio.exe (Citrio by CatalinaGroup)

TCP » 184.51.126.83:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.90:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 23.15.9.18:80

browser.exe (Browser)

TCP » 184.51.126.105:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.50:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.56:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.83:443

messengertime.exe

TCP » 184.51.126.104:443

UCBrowser.exe (UC Browser by UCWeb)

Latest 20 of 768 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.