secured.atouristeast.us

Admonetizer Inc

Domain Information

The domain secured.atouristeast.us, registered by Admonetizer Inc, was initially registered in April of 2015 through GODADDY.COM, INC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Scottsdale, Arizona, in the United States, on the GoDaddy.com, LLC network.
Registrar:
GoDaddy.com, Inc.

Server location:
Arizona, United States (US)

Create date:
Monday, April 20, 2015

Expires date:
Tuesday, April 19, 2016

Updated date:
Monday, April 20, 2015

Root domain:

Scanner detections:
Detections (98% detected)

Scan engine
Details
Detections

Avira AntiVirus
PUA/Vittalia.Gen, PUA/InstallMonetizer.Gen
69.77%

Malwarebytes
PUP.Optional.SushiLeads.A, PUP.Optional.CheckOffer, PUP.Optional.Clara.A
69.77%

SUPERAntiSpyware
Adware.InstallMonetizer/Variant
65.12%

NANO AntiVirus
Trojan.Nsis.Downloader.djhpgw, Riskware.Win32.InstallMonetizer.dymuwe
65.12%

Dr.Web
Adware.Pasta.18, Adware.Downware.11265, Threat.Undefined, Adware.Iminent.66, Adware.InstallMonetizer.1, Win32.Sector.30
60.47%

Rising Antivirus
NS:PUF.SilenceInstaller!1.9DDF, NS:PUF.SilenceInstaller!1.9DDF [F], NS:Adware.Agent!1.A387 [F], NS:PUF.SilenceInstaller!1.9DDF[F1]
58.14%

Kaspersky
not-a-virus:AdWare.NSIS.Agent, not-a-virus:Downloader.NSIS.SilentInstall, Virus.Win32.Sality
46.51%

herdProtect (fuzzy)
a variant of 9dc2fadc0bb1a9aaaee3cd183c35f0f29f78900d, a variant of 8018d5809291374af3d8e2dd0ddb70990568d6c1, a variant of 81b9b66da29ba0b3c418e0d2d11b09a2c27410ca
39.53%

VIPRE Antivirus
Threat.4786532, Adware.NSIS.Agent, Threat.4150696, Threat.4801508, Trojan.Win32.Generic
32.56%

Baidu Antivirus
Adware.NSIS.Agent, PUA.Win32.InstallMonetizer
32.56%

ESET NOD32
Win32/InstallMonetizer.BG potentially unwanted, Win32/InstallMonetizer.BJ potentially unwanted
30.23%

Reason Heuristics
PUP.Extension.ChromePlugin, PUP.ClaraLabSoftware.Installer (M), Threat.Win.Reputation.IMP, PUP.InstallManager.Meta (M), PUP.InstallMonetizer.ET (M)
23.26%

ESET NOD32
Win32/InstallMonetizer.BG potentially unwanted application, Win32/InstallMonetizer.BJ potentially unwanted application, Win32/Sality.NBA virus
18.60%

Qihoo 360 Security
HEUR/QVM42.1.Malware.Gen, HEUR/QVM42.0.Malware.Gen
13.95%

Panda Antivirus
Generic Suspicious
13.95%

The domain secured.atouristeast.us has been seen to resolve to the following IP address.

ip-50-63-202-46.ip.secureserver.net
May 15, 2016

File downloads found at URLs served by secured.atouristeast.us.

8 / 68      (PUP)

3 / 68      (PUP)

6 / 68      (PUP)
http://secured.atouristeast.us/SplitCam_5414.exe  (9f069ad789e8610581318d7b1d5ae530)

3 / 68      (PUP)
http://secured.atouristeast.us/IDAccelerator_8453.exe  (5358e66673981c1898a605d362c43120)

10 / 68    (PUP)

4 / 68      (PUP)
http://secured.atouristeast.us/zentimo_4615.exe  (605c68d56cebdd7ea63ff8f71f97cdb5)

15 / 68    (PUP)
http://secured.atouristeast.us/New_Offer_10152.exe  (bd8477fbe47504da5e7d1173b65c58d9)

1 / 68      (PUP)

1 / 68      (PUP)

3 / 68      (inconclusive)

1 / 68      (Malware)
http://secured.atouristeast.us/.../WeatherPing_Silent.exe  (221e7b506e8472a8679aa79c0f510ebf)

5 / 68      (PUP)
http://secured.atouristeast.us/.../Bobrowser.exe  (15b994ee45a834eefd31c4f72411def2)

The following 80 files have been seen to communicate with secured.atouristeast.us in live environments.

 