get.file23desktop.com

OutBrowse

Domain Information

The domain get.file23desktop.com registered by OutBrowse was initially registered in May of 2014 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
GODADDY.COM, LLC

Server location:
Virginia, United States (US)

Create date:
Sunday, May 25, 2014

Expires date:
Wednesday, May 25, 2016

Updated date:
Tuesday, June 16, 2015

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.BonDonJOV, PUP.Outbrowse, PUP.Bundler.Outbrowse, Threat.Outbrowse.Bundler, PUP.Outbrowse.SafeDownloadGTL.Bundler (M), PUP.Outbrowse.AppsmarketABC.Bundler (M), PUP.Outbrowse.TrustedDownloadTyy.Bundler (M), PUP.Outbrowse.GlobalAp.Bundler (M), PUP.Outbrowse.safeclic.Bundler (M), PUP.Outbrowse.Bundler (M), PUP.Outbrowse.SafeDown.Bundler (M), PUP.Outbrowse.Appsmark.Bundler (M), PUP.Outbrowse (M)
100.00%

ESET NOD32
Win32/OutBrowse.BR potentially unwanted application, Win32/OutBrowse.BS potentially unwanted application, Win32/OutBrowse.BU potentially unwanted application
31.58%

K7 AntiVirus
Trojan , DoS-Trojan
31.58%

Fortinet FortiGate
Riskware/OutBrowse
31.58%

AVG
Downloader, Potentially harmful program Downloader.DIT, Potentially harmful program Downloader.DJD
31.58%

Dr.Web
infected with Trojan.OutBrowse.60, infected with Trojan.OutBrowse.89, infected with Trojan.OutBrowse.100, Trojan.OutBrowse.312
26.32%

Malwarebytes
PUP.Optional.OutBrowse, PUP.Optional.OutBrowse.gen
26.32%

NANO AntiVirus
Trojan.Win32.OutBrowse.dmihux, Trojan.Win32.OutBrowse.dmikim, Riskware.Win32.OutBrowse.dorbak
26.32%

Agnitum Outpost
PUA.OutBrowse
26.32%

Avira AntiVirus
APPL/Downloader.Gen
26.32%

Trend Micro House Call
Suspici.2AB55E13, Suspici.B4D1CBB0
26.32%

VIPRE Antivirus
Threat.4657539, Threat.4150696, Threat.5085447
21.05%

avast!
OutBrowse-AY [PUP], Rootkit-gen [Rtk], OutBrowse-GM [PUP], OutBrowse-IR [PUP]
21.05%

Emsisoft Anti-Malware
Gen:Variant.Application.Bundler.Outbrowse, Application.Bundler.Outbrowse.BA
21.05%

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.Outbrowse.1
21.05%

The domain get.file23desktop.com has been seen to resolve to the following 11 IP addresses.

ec2-54-175-102-143.compute-1.amazonaws.com
May 18, 2016

ec2-204-236-219-53.compute-1.amazonaws.com
April 4, 2016

ec2-23-21-196-192.compute-1.amazonaws.com
January 27, 2016

ec2-50-17-254-254.compute-1.amazonaws.com
January 27, 2016

ec2-50-17-193-226.compute-1.amazonaws.com
December 23, 2015

ec2-184-73-196-210.compute-1.amazonaws.com
December 23, 2015

ec2-54-221-222-214.compute-1.amazonaws.com
December 23, 2015

ec2-23-21-52-184.compute-1.amazonaws.com
May 15, 2015

ec2-54-243-193-107.compute-1.amazonaws.com
May 6, 2015

ec2-23-23-223-111.compute-1.amazonaws.com
May 4, 2015

ec2-54-196-192-2.compute-1.amazonaws.com
February 16, 2015

File downloads found at URLs served by get.file23desktop.com.

1 / 68      (Adware)

The following file have been seen to comunicate with get.file23desktop.com in live environments.

URL:
http://get.file23desktop.com/

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
Microsoft-IIS/8.0 (ASP.NET) (Version: 4.0.30319)