home

freempr8.warerefree.com

Domain Information

Server location:
Dublin City, Ireland (IE)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.

Root domain:
warerefree.com

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Tightrope.Bundler, PUP.AstroDeliveryFriedCookie.e, PUP.InstallCore.Installer (M), PUP.Outbrowse.ClickYes.Bundler (M), PUP.installCore.FreeSoftware (M), PUP.Tightrope.Sanflex.Bundler (M), PUP.Air Software.Installe.Installer (M), PUP.Outbrowse (M)
100.00%

Malwarebytes
PUP.Optional.DownloadAdmin, PUP.Optional.InstallCore
30.77%

K7 AntiVirus
Unwanted-Program
30.77%

Dr.Web
Adware.Downware.2220, Trojan.InstallCore.15
30.77%

VIPRE Antivirus
DownloadAdmin, InstallCore
30.77%

Sophos
Generic PUA NL, Generic PUA ML, Generic PUA CB, Generic PUA HA
30.77%

Avira AntiVirus
ADWARE/Adware.Gen, ADWARE/InstallCore.Gen9
30.77%

McAfee
Artemis!421F68633CAA, Artemis!2D9241A1D1FE, Artemis!0AC2AC104CA1, Artemis!9F8DA35475A9
30.77%

Fortinet FortiGate
Riskware/DownloadAdmin, Riskware/InstallCore
30.77%

AVG
Generic
30.77%

Qihoo 360 Security
HEUR/QVM42.0.Malware.Gen, Win32/Virus.Adware.f22
30.77%

ESET NOD32
Win32/DownloadAdmin (variant), Win32/InstallCore.RZ (variant)
23.08%

Agnitum Outpost
Riskware.Agent
15.38%

Trend Micro House Call
Suspicious_GEN.F47V1128, Suspicious_GEN.F47V1126
15.38%

Clam AntiVirus
Win.Adware.Downloadadmin
15.38%

The domain freempr8.warerefree.com has been seen to resolve to the following 2 IP addresses.

185.53.178.11
September 1, 2016

54.72.9.51
ec2-54-72-9-51.eu-west-1.compute.amazonaws.com
July 29, 2016

File downloads found at URLs served by freempr8.warerefree.com.

1 / 68      (Adware)
http://freempr8.warerefree.com/.../download?p=REVENUE&trckid=009878329016458849417  (installer_adobe_flash_player_tailandés.exe)

1 / 68      (Adware)
http://freempr8.warerefree.com/.../download?p=ADCASH&trckid=29925144931417345628  (installer_adobe_flash_player_english.exe)

1 / 68      (Adware)
http://freempr8.warerefree.com/.../download?p=ADCASH&trckid=13332317871417191125  (installer_adobe_flash_player_rumano.exe)

1 / 68      (Adware)
http://freempr8.warerefree.com/.../download?p=REVENUE&trckid=009878332016205375508  (installer_adobe_flash_player_tailandés.exe)

18 / 68    (Adware)
http://freempr8.warerefree.com/.../download?p=REVENUE&trckid=009878329016383179325  (installer_adobe_flash_player_english.exe)

13 / 68    (Adware)
http://freempr8.warerefree.com/.../download?p=REVENUE&trckid=009878329016356779518  (installer_adobe_flash_player_english.exe)

1 / 68      (Adware)
http://freempr8.warerefree.com/.../download?p=REVENUE&trckid=009242987016177434184  (installer_adobe_flash_player_tailandés.exe)

13 / 68    (Adware)
http://freempr8.warerefree.com/.../download?p=REVENUE&trckid=009878329016283580446  (installer_adobe_flash_player_english.exe)

1 / 68      (Adware)
http://freempr8.warerefree.com/.../download?p=REVENUE&trckid=009898027016450679599  (installer_adobe_flash_player_english.exe)

13 / 68    (Adware)
http://freempr8.warerefree.com/.../download?p=REVENUE&trckid=009878329016485105727  (installer_adobe_flash_player_english.exe)

1 / 68      (Adware)
http://freempr8.warerefree.com/.../download?p=REVENUE&trckid=009878329016485105727  (installer_adobe_flash_player_english.exe)

15 / 68    (Adware)
http://freempr8.warerefree.com/.../download?p=REVENUE&trckid=009878329016412735554  (installer_adobe_flash_player_english.exe)

1 / 68      (Adware)
http://freempr8.warerefree.com/.../download?p=REVENUE&trckid=009878329016540293782  (installer_adobe_flash_player_tailandés.exe)

1 / 68      (Adware)
http://freempr8.warerefree.com/.../download?p=REVENUE&trckid=009878332016171695151  (installer_adobe_flash_player_tailandés.exe)

1 / 68      (Adware)
http://freempr8.warerefree.com/.../download?p=REVENUE&trckid=009878332016171695151  (installer_adobe_flash_player_tailandés.exe)

19 / 68    (Adware)
http://freempr8.warerefree.com/.../download?p=ADCASH&trckid=10293468361417142946  (installer_adobe_flash_player_tailandés.exe)

The following 216 files have been seen to comunicate with freempr8.warerefree.com in live environments.

TCP » 54.72.9.51:80
toolbarupdaterservice.exe

TCP » 54.72.9.51:80
hdnInstaller.exe (hdnInstaller)

TCP » 54.72.9.51:80
onedrvup.exe

TCP » 54.72.9.51:80
hdnInstaller.exe (hdnInstaller)

TCP » 54.72.9.51:80
247843.ftf (Optimizer Pro v3.2 by PC Utilities Software Limited)

TCP » 54.72.9.51:80
1799877.exe

TCP » 54.72.9.51:80
IEError.exe (IEError)

TCP » 54.72.9.51:80
install_flashplayer14x32_x64md_aaa_aih.exe (bon joueur)

TCP » 54.72.9.51:80
optimizerproinstaller.exe (Optimizer Pro v3.2 by PCUtilities Software Limited)

TCP » 54.72.9.51:80
charles.exe (by Apple)

TCP » 54.72.9.51:80
onedrv.exe

TCP » 54.72.9.51:80
IEError.exe (IEError)

TCP » 54.72.9.51:80
updater27793.exe (CouponDropDown Plugin by Innovative Apps)

TCP » 54.72.9.51:80
install_flashplayer16x33_masp_aaa_aih.exe (by Apple)

TCP » 54.72.9.51:80
toolbarupdaterservice.exe

TCP » 54.72.9.51:80
hdnInstaller.exe (hdnInstaller)

TCP » 54.72.9.51:80
g.jpg

TCP » 54.72.9.51:80
smlb.jpg

TCP » 54.72.9.51:80
smlb.jpg

TCP » 54.72.9.51:80
hqghumeaylnlf.exe (Optimizer Pro v3.2 by PC Utilities Software Limited)

 
Latest 20 of 220 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.