home

get.file14desktop.com

OutBrowse

Domain Information

The domain get.file14desktop.com registered by OutBrowse was initially registered in May of 2014 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
GODADDY.COM, LLC

Server location:
Virginia, United States (US)

Create date:
Sunday, May 25, 2014

Expires date:
Wednesday, May 25, 2016

Updated date:
Tuesday, June 16, 2015

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Root domain:
file14desktop.com

Whois:
2 file14desktop.com records

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (94% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.OUTBROWSE.O, PUP.ClickYes.O, PUP.ClickToStart.K, PUP.SalyutemPlyus.p, PUP.Outbrowse.Bundler (M), PUP.Outbrowse.StartNOW.Bundler (M), PUP.Outbrowse.ClickYes.Bundler (M), PUP.Outbrowse.StartPla.Bundler (M), PUP.Outbrowse.ClickTru.Bundler (M), PUP.Outbrowse (M)
100.00%

Dr.Web
Adware.Downware.2081, infected with Trojan.Packed.29192, Adware.Downware.6169, Trojan.OutBrowse.6, Trojan.OutBrowse.51, Trojan.OutBrowse.55
55.88%

VIPRE Antivirus
Threat.4784459, Threat.4823950, Threat.4150696, Threat.5168392
47.06%

Malwarebytes
PUP.Optional.OutBrowse, PUP.Optional.Outbrowse, PUP.Optional.ClickYes
44.12%

K7 AntiVirus
Unwanted-Program
41.18%

AVG
Generic
41.18%

G Data
Win32.Application.Outbrowse, MemScan:Application.Bundler.Outbrowse
38.24%

ESET NOD32
Win32/OutBrowse.AV, Win32/OutBrowse.AX, Win32/OutBrowse.AW, Win32/OutBrowse.AY, Win32/OutBrowse.BJ (variant)
38.24%

Kaspersky
not-a-virus:AdWare.Win32.OutBrowse
35.29%

Avira AntiVirus
APPL/Downloader.Gen, APPL/OutBrowse.lwasp, APPL/Outbrowse.Gen
35.29%

Sophos
OutBrowse Revenyou
32.35%

McAfee
Adware-OutBrowse.a, Adware-OutBrowse.b, Adware-OutBrowse.c, Program.Adware-OutBrowse.c
29.41%

Agnitum Outpost
PUA.OutBrowse
20.59%

AhnLab V3 Security
PUP/Win32.OutBrowse
14.71%

ESET NOD32
Win32/OutBrowse.BK potentially unwanted application, Win32/OutBrowse.BC potentially unwanted application, Win32/OutBrowse.AW potentially unwanted application
11.76%

The domain get.file14desktop.com has been seen to resolve to the following 11 IP addresses.

54.175.102.143
ec2-54-175-102-143.compute-1.amazonaws.com
May 19, 2016

23.21.196.192
ec2-23-21-196-192.compute-1.amazonaws.com
April 4, 2016

204.236.219.53
ec2-204-236-219-53.compute-1.amazonaws.com
April 4, 2016

174.129.32.168
ec2-174-129-32-168.compute-1.amazonaws.com
January 3, 2016

107.20.180.82
ec2-107-20-180-82.compute-1.amazonaws.com
January 3, 2016

54.235.117.115
ec2-54-235-117-115.compute-1.amazonaws.com
January 3, 2016

50.17.193.226
ec2-50-17-193-226.compute-1.amazonaws.com
December 23, 2015

184.73.196.210
ec2-184-73-196-210.compute-1.amazonaws.com
December 23, 2015

54.221.222.214
ec2-54-221-222-214.compute-1.amazonaws.com
December 23, 2015

23.23.223.111
ec2-23-23-223-111.compute-1.amazonaws.com
May 3, 2015

50.19.236.133
ec2-50-19-236-133.compute-1.amazonaws.com
October 9, 2014

File downloads found at URLs served by get.file14desktop.com.

0 / 68
http://get.file14desktop.com/.../Get?p=3916&d=22334&l=21516&n=1&filename=file installer&x=2&r=ujt3N8zk  (file installer.exe)

1 / 68      (Adware)
http://get.file14desktop.com/.../Get?p=3916&d=22334&l=21516&n=1&filename=file installer&x=2&r=LXiQXz6u  (file installer.exe)

1 / 68      (Adware)
http://get.file14desktop.com/.../Get?p=3916&d=22334&l=21516&n=1&filename=file installer  (file installer.exe)

1 / 68      (Adware)
http://get.file14desktop.com/.../Get?p=3916&d=22334&l=21516&n=1&filename=file installer&x=2&r=BUIYTqez  (file installer.exe)

1 / 68      (Adware)
http://get.file14desktop.com/.../Get?p=3916&d=22334&l=21516&n=1&filename=file installer&x=2&r=Upuwnue2  (file installer.exe)

1 / 68      (Adware)
http://get.file14desktop.com/.../Get?p=4863&d=6569&l=6159&n=1&dynamicname=LectureMAKER 2.0&filename=LectureMAKER 2.0  (lecturemaker 2.0.exe)

1 / 68      (Adware)
http://get.file14desktop.com/.../Get?p=3916&d=22334&l=21516&n=1&filename=file installer&x=2&r=4SyIjPmo  (file installer.exe)

6 / 68      (PUP)
http://get.file14desktop.com/.../Get?p=3916&d=22334&l=21516&n=1&filename=file installer&x=2&r=anNsRhTe  (file installer.exe)

0 / 68
http://get.file14desktop.com/.../Get?p=3916&d=22334&l=21516&n=1&filename=file installer&x=2&r=kNZFa0Li  (file installer.exe)

1 / 68      (Adware)
http://get.file14desktop.com/.../Get?p=3916&d=22334&l=21516&n=1&filename=file installer&x=2&r=HTNSF4sA  (riteofpassage3.exe)

1 / 68      (Adware)
http://get.file14desktop.com/.../Get?p=3916&d=22334&l=21516&n=1&filename=file installer&x=2&r=0rDxBVzR  (file installer.exe)

1 / 68      (Adware)
http://get.file14desktop.com/.../Get?p=3916&d=22334&l=21516&n=1&filename=file installer&x=2&r=zUl6NV9d  (file installer.exe)

8 / 68      (PUP)
http://get.file14desktop.com/.../GetLA?p=2482&d=2705&l=2623&n=0&clickid=2f854854c31ce70bcf0ef345&s=16am_free minecraft full game_kizi.com  (installation.exe)

1 / 68      (Adware)
http://get.file14desktop.com/.../Get?p=4863&d=6569&l=6159&n=1&dynamicname=SolidWorks&filename=SolidWorks  (solidworks.exe)

1 / 68      (Adware)
http://get.file14desktop.com/.../Get?p=4863&d=6569&l=6159&n=1&dynamicname=SolidWorks eDrawings 2013 13.4.0.107 SP04&filename=SolidWorks eDrawings 2013 13.4.0.107 SP04  (solidworks edrawings 2013 13.4.0.107 sp04.exe)

1 / 68      (Adware)
http://get.file14desktop.com/.../Get?p=3916&d=22334&l=21516&n=1&filename=file installer&x=2&r=0OTpXhXS  (file installer.exe)

1 / 68      (Adware)
http://get.file14desktop.com/.../Get?p=3916&d=22334&l=21516&n=1&filename=file installer&x=2&r=4CMmmXC3  (file installer.exe)

1 / 68      (Adware)
http://get.file14desktop.com/.../Get?p=3916&d=22334&l=21516&n=1&filename=file installer&x=2&r=Xw60D6Yk  (file installer.exe)

16 / 68    (Adware)
http://get.file14desktop.com/.../Get?p=6207&d=8298&l=7799&n=1&filename=Remove WAT  (remove wat.exe)

7 / 68      (Adware)
http://get.file14desktop.com/.../Get?p=4863&d=6569&l=6159&n=1&dynamicname=Mutants Genetic Gladiators Hack Cheat 2015 2015&filename=Mutants Genetic Gladiators Hack Cheat 2015 2015  (mutants genetic gladiators hack cheat 2015 2015.exe)

6 / 68      (Adware)
http://get.file14desktop.com/.../Get?p=3916&d=22334&l=21516&n=1&filename=file installer&x=2&r=wnCsNVTd  (file installer.exe)

14 / 68    (Adware)
http://get.file14desktop.com/.../Get?p=3916&d=22334&l=21516&n=1&filename=file installer&x=2&r=YXTQuPKJ  (file installer.exe)

17 / 68    (Adware)
http://get.file14desktop.com/.../Get?p=3916&d=22334&l=21516&n=1&filename=file installer&x=2&r=VXq6zMw8  (file installer.exe)

13 / 68    (Adware)
http://get.file14desktop.com/.../Get?p=3916&d=22334&l=21516&n=1&filename=file installer&x=2&r=8ac5UMJN  (file installer.exe)

13 / 68    (Adware)
http://get.file14desktop.com/.../Get?p=3916&d=22334&l=21516&n=1&filename=file installer&x=2&r=FhFcWdjz  (file installer.exe)

5 / 68      (Adware)
http://get.file14desktop.com/.../Get?p=3916&d=22334&l=21516&n=1&filename=file installer&x=2&r=a5kmKm05  (file installer.exe)

6 / 68      (Adware)
http://get.file14desktop.com/.../Get?p=3916&d=22334&l=21516&n=1&filename=file installer&x=2&r=lCVXUCPs  (file installer.exe)

12 / 68    (Adware)
http://get.file14desktop.com/.../Get?p=3916&d=22334&l=21516&n=1&filename=file installer&x=2&r=zM78XzGU  (file installer.exe)

10 / 68    (Adware)
http://get.file14desktop.com/.../Get?p=3916&d=22334&l=21516&n=1&filename=file installer&x=2&r=9IoYAHsW  (file installer.exe)

10 / 68    (Adware)
http://get.file14desktop.com/.../Get?p=3916&d=22334&l=21516&n=1&filename=file installer&x=2&r=YutmTCcd  (file installer.exe)

 
Latest 30 of 36 download URLs

URL:
http://get.file14desktop.com/

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
Microsoft-IIS/8.0 (ASP.NET) (Version: 4.0.30319)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.