get.file14desktop.com

OutBrowse

Domain Information

The domain get.file14desktop.com registered by OutBrowse was initially registered in May of 2014 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
GODADDY.COM, LLC

Server location:
Virginia, United States (US)

Create date:
Sunday, May 25, 2014

Expires date:
Wednesday, May 25, 2016

Updated date:
Tuesday, June 16, 2015

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Root domain:

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (94% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.OUTBROWSE.O, PUP.ClickYes.O, PUP.ClickToStart.K, PUP.SalyutemPlyus.p, PUP.Outbrowse.Bundler (M), PUP.Outbrowse.StartNOW.Bundler (M), PUP.Outbrowse.ClickYes.Bundler (M), PUP.Outbrowse.StartPla.Bundler (M), PUP.Outbrowse.ClickTru.Bundler (M), PUP.Outbrowse (M)
100.00%

Dr.Web
Adware.Downware.2081, infected with Trojan.Packed.29192, Adware.Downware.6169, Trojan.OutBrowse.6, Trojan.OutBrowse.51, Trojan.OutBrowse.55
55.88%

VIPRE Antivirus
Threat.4784459, Threat.4823950, Threat.4150696, Threat.5168392
47.06%

Malwarebytes
PUP.Optional.OutBrowse, PUP.Optional.Outbrowse, PUP.Optional.ClickYes
44.12%

K7 AntiVirus
Unwanted-Program
41.18%

AVG
Generic
41.18%

G Data
Win32.Application.Outbrowse, MemScan:Application.Bundler.Outbrowse
38.24%

ESET NOD32
Win32/OutBrowse.AV, Win32/OutBrowse.AX, Win32/OutBrowse.AW, Win32/OutBrowse.AY, Win32/OutBrowse.BJ (variant)
38.24%

Kaspersky
not-a-virus:AdWare.Win32.OutBrowse
35.29%

Avira AntiVirus
APPL/Downloader.Gen, APPL/OutBrowse.lwasp, APPL/Outbrowse.Gen
35.29%

Sophos
OutBrowse Revenyou
32.35%

McAfee
Adware-OutBrowse.a, Adware-OutBrowse.b, Adware-OutBrowse.c, Program.Adware-OutBrowse.c
29.41%

Agnitum Outpost
PUA.OutBrowse
20.59%

AhnLab V3 Security
PUP/Win32.OutBrowse
14.71%

ESET NOD32
Win32/OutBrowse.BK potentially unwanted application, Win32/OutBrowse.BC potentially unwanted application, Win32/OutBrowse.AW potentially unwanted application
11.76%

The domain get.file14desktop.com has been seen to resolve to the following 11 IP addresses.

ec2-54-175-102-143.compute-1.amazonaws.com
May 19, 2016

ec2-23-21-196-192.compute-1.amazonaws.com
April 4, 2016

ec2-204-236-219-53.compute-1.amazonaws.com
April 4, 2016

ec2-174-129-32-168.compute-1.amazonaws.com
January 3, 2016

ec2-107-20-180-82.compute-1.amazonaws.com
January 3, 2016

ec2-54-235-117-115.compute-1.amazonaws.com
January 3, 2016

ec2-50-17-193-226.compute-1.amazonaws.com
December 23, 2015

ec2-184-73-196-210.compute-1.amazonaws.com
December 23, 2015

ec2-54-221-222-214.compute-1.amazonaws.com
December 23, 2015

ec2-23-23-223-111.compute-1.amazonaws.com
May 3, 2015

ec2-50-19-236-133.compute-1.amazonaws.com
October 9, 2014

File downloads found at URLs served by get.file14desktop.com.

 
Latest 30 of 36 download URLs

URL:
http://get.file14desktop.com/

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
Microsoft-IIS/8.0 (ASP.NET) (Version: 4.0.30319)