home

update.best-download.org

PERFECT PRIVACY, LLC  (Proxy Registrant)

Domain Information

The domain update.best-download.org is registered by proxy through Columbianames.com LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Munich, Bayern within Germany which resides on the RIPE Network Coordination Centre network.
Registrar:
Columbianames.com LLC

Server location:
Bayern, Germany (DE)

ASN:
AS61969 TEAMINTERNET-AS Team Internet AG,DE

Root domain:
best-download.org

Whois:
1 best-download.org record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.SpeedChecker.Optional.Installer.Meta (L), PUP.Widdit.OneFloorApp.Bundler (M), PUP.eDeal.Installer.Meta (M), PUP.ELEX.LiMo (M)
66.67%

Malwarebytes
PUP.Optional.eDeals.A, PUP.Optional.EDeals.A
33.33%

avast!
Win32:Adware-BTM [PUP], Win32:Trojan-gen
33.33%

Kaspersky
not-a-virus:AdWare.Win32.eDeals, not-a-virus:AdWare.Win32.Tirrip
33.33%

Sophos
Pirrit
33.33%

Qihoo 360 Security
Win32/Trojan.Multi.daf, HEUR/QVM06.1.Malware.Gen
33.33%

Avira AntiVirus
Adware/Pirrit.B
16.67%

G Data
Win32.Adware.Edeals
16.67%

Vba32 AntiVirus
AdWare.eDeals
16.67%

ESET NOD32
Win32/AdWare.Pirrit (variant)
16.67%

AVG
Generic5
16.67%

K7 AntiVirus
Riskware
16.67%

Trend Micro House Call
Suspicious_GEN.F47V1126
16.67%

VIPRE Antivirus
Trojan.Win32.Generic
16.67%

Panda Antivirus
Generic Suspicious
16.67%

The domain update.best-download.org has been seen to resolve to the following 2 IP addresses.

185.53.177.7
April 14, 2016

185.53.177.9
March 3, 2016

File downloads found at URLs served by update.best-download.org.

1 / 68      (Adware)
http://update.best-download.org/products/.../HomeTab.exe  (28.exe)

10 / 68    (PUP)
http://update.best-download.org/products/.../eDealsInstaller-Distribution.exe  (82729406e36fa3255f429f231244bb6d)

1 / 68      (Adware)
http://update.best-download.org/products/.../bro_webssearches_280814.exe  (24.exe)

11 / 68    (PUP)
http://update.best-download.org/products/.../eDealInstaller-Distribution-2.71.exe  (edealinstaller_2611-3bef6bce.exe)

1 / 68      (PUP)
http://update.best-download.org/products/.../eDealInstaller-Distribution-2.73.exe  (f90cf8c7b0cfc37bac1be9aa4bcc689a)

1 / 68      (PUP)
http://update.best-download.org/products/.../pcspeedup.exe  (pcsu_sl_3.6.6_qs-wot-du2.exe)

The following 4 files have been seen to comunicate with update.best-download.org in live environments.

TCP » 185.53.177.7:80
fb-leadjacker.crx

TCP » 185.53.177.7:80
eco_launch.crx

TCP » 185.53.177.7:80
fb-leadjacker.crx

TCP » 185.53.177.9:80
fb-commander.crx

URL:
http://update.best-download.org/

Google Analytics:
UA-48689684

Title:
“best-download.org”

Web server:
nginx

1337xproxy.in

1clickdownloader.com

1dschool.com

1flymusic.com

1freesoftwareonline.com

215115638.com

360adstrack.com

4god.biz

4shared.net

55tjk.com

acidco.net

adexprt.me

adjalauto.com

adsclever.com

adsobject.com

adsservingowl.biz

adtrkx.com

africa-2010.com

agamefix.com

aiprosoft.com

alawar.it

all-baza.com

alwayswindcat.com

aminst.net

angelijah.com

angelijah.net

antivirus-gratuit.pro

anyras.com

app-mak.com

appapia.com

30 of 618 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.