The domain get.file3desktop.com registered by OutBrowse was initially registered in May of 2014 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
GODADDY.COM, LLC
Server location:
Virginia, United States (US)
Create date:
Sunday, May 25, 2014
Expires date:
Wednesday, May 25, 2016
Updated date:
Tuesday, May 26, 2015
ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US
Google Safe Browsing:
unwanted
Scanner detections:
Detections (100% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.ClickToStart.M, PUP.SalyutemPlyus.M, PUP.BonDonJOV.M, PUP.BESTApp, PUP.Installer.Outbrowse, PUP.Outbrowse, PUP.Bundler.Outbrowse, PUP.Outbrowse.Installer.Outborwse, PUP.Outbrowse.SalyutemPlyus.Bundler (M), PUP.Outbrowse.Bestapp.Bundler (M), PUP.Outbrowse.TrustedappsDDD.Bundler (M), PUP.Outbrowse.ClickToStart.Bundler (M), PUP.Outbrowse.BondoNjoV.Bundler (M), PUP.OutBrowse.TOVKOMSERVUKRAYINA.Installer (M), PUP.Outbrowse.Bundler (M), PUP.Outbrowse.YesApps.Bundler (M), PUP.Outbrowse.KAFORVAR.Installer (M), PUP.Outbrowse.Salyutem.Bundler (M), PUP.Outbrowse.ClickToS.Bundler (M), PUP.Outbrowse.Outborwse.Installer (M), PUP.Outbrowse (M)
93.75%
Avira AntiVirus
APPL/Outbrowse.Gen, APPL/Downloader.Gen, PUA/Outbrowse.Gen
43.75%
Dr.Web
Trojan.OutBrowse.51, Trojan.OutBrowse.55, infected with Trojan.OutBrowse.65, Trojan.OutBrowse.92, Trojan.OutBrowse.95, Trojan.OutBrowse.14
40.63%
AVG
Generic, Potentially harmful program Downloader.CVJ, Potentially harmful program Downloader.DJN, Potentially harmful program Downloader.DAQ
40.63%
ESET NOD32
Win32/OutBrowse.BK potentially unwanted application, Win32/OutBrowse.BN potentially unwanted application, Win32/OutBrowse.BS potentially unwanted application
37.50%
K7 AntiVirus
Unwanted-Program , Trojan
37.50%
VIPRE Antivirus
Trojan.Win32.Generic, Threat.4823950, Threat.4150696
31.25%
Trend Micro House Call
Suspici.FB78FCB8, Suspici.D7386B62, Suspici.AF8C44A8, Suspici.CA60B70D, Suspici.33AE6F52, Suspici.1E866FE6, TROJ_GE.546C885B
28.13%
McAfee
Program.Adware-OutBrowse.c, Artemis!591DF37B3C00, Artemis!37E651623C32, Program.Adware-OutBrowse.d, Program.Adware-OutBrowse.e
28.13%
Malwarebytes
PUP.Optional.OutBrowse
25.00%
AhnLab V3 Security
PUP/Win32.OutBrowse
25.00%
MicroWorld eScan
MemScan:Application.Bundler.IX, MemScan:Application.Bundler.Outbrowse.V, MemScan:Application.Bundler.JU, Gen:Variant.Application.Bundler.Outbrowse.1
21.88%
Bitdefender
MemScan:Application.Bundler.IX, MemScan:Application.Bundler.Outbrowse.V, MemScan:Application.Bundler.JU, Gen:Variant.Application.Bundler.Outbrowse.1
21.88%
G Data
MemScan:Application.Bundler.IX, MemScan:Application.Bundler.Outbrowse, MemScan:Application.Bundler.JU, Gen:Variant.Application.Bundler.Outbrowse
21.88%
Fortinet FortiGate
Riskware/OutBrowse, W32/Agent.BS!tr
21.88%
The domain get.file3desktop.com has been seen to resolve to the following 10 IP addresses.
ec2-54-175-102-143.compute-1.amazonaws.com
May 16, 2016
ec2-204-236-219-53.compute-1.amazonaws.com
April 3, 2016
ec2-50-17-254-254.compute-1.amazonaws.com
February 24, 2016
ec2-23-21-196-192.compute-1.amazonaws.com
February 24, 2016
ec2-23-23-100-166.compute-1.amazonaws.com
October 13, 2015
ec2-107-20-167-91.compute-1.amazonaws.com
October 13, 2015
ec2-54-225-119-32.compute-1.amazonaws.com
July 15, 2015
ec2-23-21-127-136.compute-1.amazonaws.com
July 15, 2015
ec2-23-21-168-225.compute-1.amazonaws.com
June 26, 2015
ec2-184-73-207-59.compute-1.amazonaws.com
May 28, 2015
File downloads found at URLs served by get.file3desktop.com.
The following file have been seen to comunicate with get.file3desktop.com in live environments.
URL:
http://get.file3desktop.com/
Network:
Amazon Web Services (AWS), running an EC2 instance
Web server:
Microsoft-IIS/8.0 (ASP.NET) (Version: 4.0.30319)