storage-eu-2.sharefile.com

ShareFile

Domain Information

The domain storage-eu-2.sharefile.com registered by ShareFile was initially registered in June of 2001 through REGISTER.COM, INC.. Currently this domain has been known to host various forms of malware. The hosted servers are located in Dublin, Dublin City within Ireland which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the EU (Ireland) region datacenter.
Registrar:
REGISTER.COM, INC.

Server location:
Dublin City, Ireland (IE)

Create date:
Sunday, June 24, 2001

Expires date:
Monday, June 24, 2019

Updated date:
Friday, March 13, 2015

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:

Scanner detections:
Malware distribution  (67% detected)

Scan engine
Details
Detections

ESET NOD32
Win32/TrojanDownloader.Delf.BNZ trojan, Win32/Injector.Autoit.CAF trojan, MSIL/TrojanDownloader.Agent.BJL trojan
60.00%

Emsisoft Anti-Malware
Gen:Variant.Strictor.99853, Gen:Variant.Zusy.173527, Gen:Variant.Strictor.96804, Gen:Variant.Symmi.58577
50.00%

Kaspersky
UDS:DangerousObject.Multi.Generic, Backdoor.Win32.DarkKomet, Trojan.Win32.Inject, Trojan-Banker.Win32.Banbra
40.00%

Qihoo 360 Security
QVM18.1.Malware.Gen, Win32/Trojan.f05, HEUR/QVM18.1.Malware.Gen, HEUR/QVM11.1.Malware.Gen
40.00%

Lavasoft Ad-Aware
Gen:Variant.Zusy.173527, Gen:Variant.Strictor.96804
40.00%

McAfee
Trojan.Artemis!C405EF5CB856, Trojan.Artemis!48C454CC6843, Artemis!15A2CF196E14, Trojan.Artemis!5F883CA515C2
40.00%

avast!
Win32:Malware-gen
30.00%

Norman
Gen:Variant.Zusy.173527, Gen:Variant.Strictor.96804
30.00%

Avira AntiVirus
TR/AD.LuminosityLink.Y.138, TR/Crypt.fkm.1158, TR/Downloader.A.34289
30.00%

IKARUS anti.virus
Trojan.Win32.Injector, Trojan.SuspectCRC, Trojan-Downloader
30.00%

Bkav FE
HW32.Packed
20.00%

MicroWorld eScan
Gen:Variant.Strictor.99853, Gen:Variant.Symmi.58577
20.00%

Bitdefender
Gen:Variant.Strictor.99853, Gen:Variant.Symmi.58577
20.00%

Lavasoft Ad-Aware
Gen:Variant.Strictor.99853, Gen:Variant.Symmi.58577
20.00%

F-Secure
Gen:Variant.Strictor.99853, Gen:Variant.Symmi.58577
20.00%

The domain storage-eu-2.sharefile.com has been seen to resolve to the following IP address.

ec2-54-77-239-81.eu-west-1.compute.amazonaws.com
December 25, 2015

File downloads found at URLs served by storage-eu-2.sharefile.com.

5 / 68      (Malware)

10 / 68    (Malware)

4 / 68      (Malware)

2 / 68      (Malware)

URL:
http://storage-eu-2.sharefile.com/

Title:
“ShareFile Storage Server”

Network:
Amazon Web Services (AWS), running an EC2 instance

SSL certificate subject:
CN=*.sharefile.com, OU=ShareFile, O="ShareFile, LLC", L=Raleigh, S=NC, C=US

SSL certificate issuer:
CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US

Web server:
Microsoft-IIS/7.5