member.20dollars2surf.com

ITWEB Domain Protection

Domain Information

The domain member.20dollars2surf.com, registered by ITWEB Domain Protection, was initially registered in December of 2015 through OVH. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Beaumaris, Victoria, Australia, on the Asia Pacific Network Information Centre network.

Registrar: TOP PICK NAMES LLC
Server location: Victoria, Australia (AU)
Create date: Friday, December 25, 2015
Expires date: Sunday, December 25, 2016
Updated date: Wednesday, January 20, 2016
ASN: AS133618 TRELLIAN-AS-AP Trellian Pty. Limited, AU
Root domain:

Scanner detections:
Detections  (87% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.GalacticBros.2Surf.Installer.Meta (M), PUP.Installer.ClickMeInLimited.F, PUP.GalacticBros.2Surf (M) | 81.48% |
| Dr.Web | Adware.Toolbar.149, Trojan.Packed.24524, Threat.Undefined, - infected container c:\users\test\appdata\local\temp\b2f90e5b837a90194ca68a39f324aaaf06f63d2b Troj | 25.93% |
| ESET NOD32 | Win32/D2Surf, Win32/InstallCore.HZ, Win32/InstallCore.IE (variant) | 14.81% |
| Bkav FE | W32.Clod253.Trojan | 11.11% |
| NANO AntiVirus | Trojan.Win32.Toolbar.cqtnbo | 11.11% |
| ESET NOD32 | Win32/D2Surf.A potentially unsafe application | 11.11% |
| McAfee | Artemis!201F7E3DD4D1, Artemis!AB5030686456 | 7.41% |
| Malwarebytes | PUP.Optional.InstallCore | 7.41% |
| Trend Micro House Call | TROJ_GEN.F47V1220, TROJ_GEN.F47V0120 | 7.41% |
| Vba32 AntiVirus | Downware.InstallCore | 7.41% |
| Rising Antivirus | PE:Malware.XPACK-LNR/Heur!1.5594 | 7.41% |
| Fortinet FortiGate | Riskware/InstallCore | 7.41% |
| herdProtect (fuzzy) | a variant of 9ffde2fc6398c5f9f14c2fc5301b470cca563c4c | 3.70% |

The domain member.20dollars2surf.com has been seen to resolve to the following 2 IP addresses.

lb-182-252.above.com
February 1, 2016

62-210-162-44.rev.poneytelecom.eu
January 10, 2014

File downloads found at URLs served by member.20dollars2surf.com.

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

9 / 68      (Adware)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

2 / 68      (Malware)

2 / 68      (Malware)

5 / 68      (PUP)

4 / 68      (Malware)

0 / 68
http://member.20dollars2surf.com/innosetup_91022437.exe  (bd44283e00c74772a8be20571f08e3b8)

4 / 68      (PUP)

1 / 68      (PUP)

The following 33 files have been seen to communicate with member.20dollars2surf.com in live environments.

 
Latest 20 of 33 files

URL: http://member.20dollars2surf.com/
Web server: Apache