ny.offers.multiinstall.com

UNILOGIC Informatica Ltda ME

Domain Information

The domain ny.offers.multiinstall.com, registered by UNILOGIC Informatica Ltda ME, was first registered in February 2013 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Scottsdale, Arizona, United States, on the GoDaddy.com, LLC network.
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Tuesday, February 19, 2013

Expires date:
Friday, February 19, 2016

Updated date:
Thursday, April 30, 2015

Root domain:

Scanner detections:
Detections  (75% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.SIENSA.T, PUP.PassionFruitTech.G, PUP.LiMo., PUP.MaLin., PUP.Installer.SIENSA., PUP.Installer.CLARALABSOFTWARE, PUP.DesktopWeather (L), PUP.Injekt.RatioApplications.Installer (M), PUP.Sien.IminentTechnology.Bundler (M), PUP.Downloader.Uboly.Installer (M)
73.33%

Dr.Web
Adware.Shopper.423, Threat.Undefined, Adware.Mutabaha.84, Adware.Searcher.2835
33.33%

IKARUS anti.virus
not-a-virus:Downloader.Agent, PUA.MultiInstaller, PUA.LiMo, PUA.Toolbar.Iminent
33.33%

AVG
Generic, LiMo, Generic_r
33.33%

MicroWorld eScan
Gen:Variant.Kazy.461155, Adware.Zapp.A, Gen:Application.Elex.1
26.67%

McAfee
Artemis!EAE451558E67, Artemis!E0973B75D4B5, Artemis!905156054F64, Artemis!E0A27FE398F7
26.67%

Agnitum Outpost
Trojan.DL.Agent, Riskware.Agent, PUA.Toolbar.Iminent
26.67%

Bitdefender
Gen:Variant.Kazy.461155, Adware.Zapp.A, Gen:Application.Elex.1
26.67%

F-Secure
Gen:Variant.Kazy.461155, Adware.Zapp.A, Gen:Application.Elex.1
26.67%

G Data
Gen:Variant.Kazy.461155, Adware.Zapp, Gen:Application.Elex
26.67%

Panda Antivirus
Trj/CI.A, Trj/Chgt.N, Trj/Genetic.gen, PUP/Clara
26.67%

Trend Micro House Call
Suspicious_GEN.F47V0729, Suspicious_GEN.F47V1126, Suspicious_GEN.F47V1201, Suspicious_GEN.F47V0507
26.67%

Baidu Antivirus
PUA.Win32.UltraDownloads, PUA.Win32.LiMo, Adware.Win32.Iminent
26.67%

Qihoo 360 Security
Win32/Application.33e, Win32/Virus.Adware.1ef, HEUR/QVM10.1.Malware.Gen, Win32/Trojan.Multi.daf
26.67%

herdProtect (fuzzy)
a variant of 569268f99d4babac9e942c23ace3cb840d8e5430, a variant of 6adba136b152276ba6382af98da70358cf567d99, a variant of 7f6b92125118705b9c14211cfeb93a1a8de028d5
20.00%

The domain ny.offers.multiinstall.com has been seen to resolve to the following 2 IP addresses.

May 16, 2016

ip-184-168-221-55.ip.secureserver.net
February 27, 2016

File downloads found at URLs served by ny.offers.multiinstall.com.

20 / 68    (Adware)
http://ny.offers.multiinstall.com/14585ec0a3e5538b5856944d387519b8f39071e7ccb740b5b06c6fea039ca6e0.exe  (975f849d4502effa6e711bd3ec451a7af39071e7ccb740b5b06c6fea039ca6e0.exe)

8 / 68      (PUP)

23 / 68    (Adware)
http://ny.offers.multiinstall.com/3bf14e4a53dda6fd70722d5a2dfe1c95f39071e7ccb740b5b06c6fea039ca6e0.exe  (3e999d9341b3ace6e95a022365138e1cf39071e7ccb740b5b06c6fea039ca6e0.exe)

1 / 68      (inconclusive)
http://ny.offers.multiinstall.com/51ccb03bc76fa32339fc16a75d5826eaf56b5dbf7cf85af2b46df7bf4bd8ce18.exe  (0c708da48344409bf8ba148c80ec48e9f56b5dbf7cf85af2b46df7bf4bd8ce18.exe)

0 / 68
http://ny.offers.multiinstall.com/51ccb03bc76fa32339fc16a75d5826eaa885be39e2b6a67a8c464b9fade39ff6.exe  (12a06977a0b3049c208bc0a49da668c5a885be39e2b6a67a8c464b9fade39ff6.exe)

 
Latest 30 of 91 download URLs

The following 115 files have been seen to communicate with ny.offers.multiinstall.com in live environments.

Latest 20 of 115 files