get.down1012.org

OutBrowse

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon.com, Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
GoDaddy.com, LLC

Server location:
Virginia, United States (US)

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Root domain:

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
(M), PUP.MariMara.M, PUP.JustAccept, PUP.Bundler.Outbrowse, PUP.Outbrowse.otOPiaSoFT.Bundler (M), PUP.Outbrowse.MariMara.Bundler (M), PUP.Outbrowse.YesApps.Bundler (M), PUP.Outbrowse.otOPiaSo.Bundler (M), PUP.Outbrowse (M)
100.00%

Dr.Web
Trojan.OutBrowse.14, Trojan.OutBrowse.54, infected with Trojan.OutBrowse.125
7.89%

Sophos
PUA 'OutBrowse Revenyou'
7.89%

McAfee
Adware-OutBrowse.d, Program.Adware-OutBrowse.d, Adware-OutBrowse.e
7.89%

Malwarebytes
PUP.Optional.OutBrowse
7.89%

Agnitum Outpost
PUA.OutBrowse
7.89%

NANO AntiVirus
Trojan.Win32.OutBrowse.dlwssj, Trojan.Win32.OutBrowse.dlunsw, Trojan.Win32.Generic.dorbni
7.89%

Avira AntiVirus
APPL/Outbrowse.Gen, PUA/Outbrowse.Gen
7.89%

Fortinet FortiGate
Riskware/OutBrowse, Adware/OutBrowse
7.89%

AVG
Downloader, Adware AdPlugin.CUA
7.89%

ESET NOD32
Win32/OutBrowse.BQ potentially unwanted application, Win32/OutBrowse.BS potentially unwanted application
5.26%

K7 AntiVirus
Unwanted-Program
5.26%

Trend Micro House Call
Suspici.C190457F, Suspici.2F9E2453
5.26%

Vba32 AntiVirus
Downloader.OutBrowse
5.26%

Kaspersky
not-a-virus:Downloader.NSIS.OutBrowse, not-a-virus:AdWare.Win32.OutBrowse
5.26%

The domain get.down1012.org has been seen to resolve to the following 10 IP addresses.

ec2-54-175-102-143.compute-1.amazonaws.com
May 17, 2016

ec2-50-19-244-143.compute-1.amazonaws.com
April 19, 2016

ec2-54-225-72-141.compute-1.amazonaws.com
April 2, 2016

ec2-107-20-138-96.compute-1.amazonaws.com
April 2, 2016

ec2-54-235-203-221.compute-1.amazonaws.com
February 21, 2016

ec2-75-101-141-20.compute-1.amazonaws.com
February 21, 2016

ec2-23-23-73-75.compute-1.amazonaws.com
February 17, 2016

ec2-54-243-166-148.compute-1.amazonaws.com
February 17, 2016

ec2-54-225-222-50.compute-1.amazonaws.com
February 10, 2016

ec2-23-23-109-139.compute-1.amazonaws.com
February 10, 2016

File downloads found at URLs served by get.down1012.org.

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

 
Latest 30 of 38 download URLs

URL:
http://get.down1012.org/

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
Microsoft-IIS/8.0 (ASP.NET) (Version: 4.0.30319)