The domain filestock.blob.core.windows.net registered by Microsoft Corporation was initially registered in August of 1995 through MARKMONITOR INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Redmond, Washington within the United States which resides on the Microsoft Corporation network.
Registrant:
Microsoft Corporation
Registrar:
MARKMONITOR INC.
Server location:
Washington, United States (US)
Create date:
Thursday, August 10, 1995
Expires date:
Saturday, June 4, 2016
Updated date:
Wednesday, October 8, 2014
ASN:
AS8075 MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation,US
Scanner detections:
Detections (88% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.VASSANAKONGSOONGNERN.Y, PUP.Installer.VASSANAKONGSOONGNERN.X, PUP.VASSANAKONGSOONGNERN.J, PUP.VASSANAKONGSOONGNERN.Q, PUP.ThitawanChotiga.Installer (M), PUP.CoolMirage.VASSANAKONGSOONGNERN.Installer (M), PUP.ThitimaPhiwsawang.Installer (M), PUP.CoolMirage.VASSANAK.Installer (M), PUP.ThitimaP.Installer (M), PUP.CoolMirage (M)
65.91%
AVG
Generic, Could be an adware MultiBundle, Win32/Sality
61.36%
Dr.Web
Adware.Downware.8319, Adware.Yontoo.25, Adware.Yontoo.54, Threat.Undefined, Win32.Sector.30, Detection.Undefined
52.27%
ESET NOD32
Win32/Adware.1ClickDownload.AJ application, multiple threats, Win32/Adware.1ClickDownload.AY application, Win32/Sality.NBA virus, Win32/Adware.1ClickDownload.AX application
43.18%
avast!
Win32:Adware-gen [Adw], Win32:PUP-gen [PUP], Win32:Kukacka, Win32:SaliCode, Win32:Rootkit-gen [Rtk]
34.09%
Kaspersky
not-a-virus:AdWare.NSIS.Yontoo, not-a-virus:HEUR:AdWare.Win32.Yotoon, not-a-virus:Downloader.Win32.TornTV
27.27%
VIPRE Antivirus
CoolMirage Ltd, Threat.4721115
25.00%
K7 AntiVirus
Adware
20.45%
NANO AntiVirus
Trojan.Nsis.Yotoon.deckrr, Trojan.Win32.MLW.doamla
20.45%
Sophos
CoolMirage, Generic PUA PH
18.18%
Avira AntiVirus
ADWARE/Adware.Gen, APPL/Downloader.Gen, Adware/Yontoo.304960
18.18%
ESET NOD32
Win32/Adware.1ClickDownload.AX, Win32/Adware.1ClickDownload.AJ, NSIS/TrojanDropper.Agent.CB, MSIL/Riskware.ShimChanger (variant)
15.91%
Emsisoft Anti-Malware
Application.Bundler.LT, Win32.Sality, Application.Bundler.LZ
15.91%
Norman
Application.Bundler.LT, Application.Bundler.LZ
15.91%
McAfee
Artemis!E876E34992E8, Artemis!500CBA7437C8, Artemis!AF8B8346E4CC, Program.Artemis!2686029220FB, Program.Artemis!0D9FFE01064F
13.64%
The domain filestock.blob.core.windows.net has been seen to resolve to the following IP address.
blob.dm2prdstr01a.store.core.windows.net
October 20, 2014
File downloads found at URLs served by filestock.blob.core.windows.net.
URL:
http://filestock.blob.core.windows.net/
SSL certificate subject:
CN=*.blob.core.windows.net
SSL certificate issuer:
CN=MSIT Machine Auth CA 2, DC=redmond, DC=corp, DC=microsoft, DC=com
Web server:
Microsoft-HTTPAPI/2.0