home

update.video-plugin-download.com

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain update.video-plugin-download.com is registered by proxy through ENOM, INC. and was originally registered in December of 2012. Currently this domain has been known to host various forms of malware. The hosted servers are located in Sherman Oaks, California within the United States which resides on the Unitas Global LLC network.
Registrar:
ENOM, INC.

Server location:
California, United States (US)

Create date:
Tuesday, December 18, 2012

Expires date:
Sunday, December 18, 2016

Updated date:
Wednesday, November 18, 2015

ASN:
AS4436 AS-NLAYER - nLayer Communications, Inc.

Root domain:
video-plugin-download.com

Whois:
1 video-plugin-download.com record

Scanner detections:
Malware distribution  (100% detected)

Scan engine
Details
Detections

ESET NOD32
Win32/Hao123 (variant), Win32/Hao123.A potentially unwanted (variant)
66.67%

Dr.Web
Trojan.StartPage.51761
66.67%

SUPERAntiSpyware
Trojan.Agent/Gen-Swisyn
33.33%

Trend Micro House Call
Suspicious_GEN.F47V0528
33.33%

Qihoo 360 Security
HEUR/QVM06.2.Malware.Gen
33.33%

herdProtect (fuzzy)
a variant of a153351aab612402c655bebea37d81cb3d8caa1b
33.33%

ESET NOD32
Detection.Undefined
33.33%

McAfee
Artemis!22DEE59659BC
33.33%

The domain update.video-plugin-download.com has been seen to resolve to the following IP address.

198.232.124.224
224-124-232-198.static.unitasglobal.net
April 6, 2016

File downloads found at URLs served by update.video-plugin-download.com.

3 / 68      (PUP)
http://update.video-plugin-download.com/view/.../3setup.exe  (22dee59659bc7fa0b79005199bd6c2eb)

2 / 68      (Malware)
http://update.video-plugin-download.com/view/.../setup.exe  (ad6d2c987fc2a2a501ada98e5208dd64)

5 / 68      (Malware)
http://update.video-plugin-download.com/view/.../setup.exe  (awh7569.tmp)

The following 25 files have been seen to comunicate with update.video-plugin-download.com in live environments.

TCP » 198.232.124.224:80
dtchk.exe (Search Results, LLC)

TCP » 198.232.124.224:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 198.232.124.224:80
defaulttabsearch.exe

TCP » 198.232.124.224:80
dtchk.exe (Search Results, LLC)

TCP » 198.232.124.224:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 198.232.124.224:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 198.232.124.224:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 198.232.124.224:80
dtchk.exe (Search Results, LLC)

TCP » 198.232.124.224:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 198.232.124.224:80
downloadmanager.exe (setup by @)

TCP » 198.232.124.224:80
downloadmanager.exe (Smart by @)

TCP » 198.232.124.224:80
MyHeritage.exe (MyHeritage Family Tree Builder by MyHeritage)

TCP » 198.232.124.224:80
dm1392322454.exe (setup by @)

TCP » 198.232.124.224:80
microsoft office 2013 professional plus full activator crack (32.bit-64.bit)__6266_il12065.exe

TCP » 198.232.124.224:80
sysTPLService.exe (sysTPLService by Tlapia)

TCP » 198.232.124.224:80
defaulttabsearch.exe

TCP » 198.232.124.224:80
secureassist.exe (SecureAssist.exe by SecureAssist)

TCP » 198.232.124.224:80
rd.exe

TCP » 198.232.124.224:80
WajamInternetEnhancer.exe (Wajam Internet Enhancer by Wajam Internet Technologies)

TCP » 198.232.124.224:80
WajamInternetEnhancer.exe (Wajam Internet Enhancer by Wajam Internet Technologies)

 
Latest 20 of 27 files

URL:
http://update.video-plugin-download.com/

Web server:
NetDNA-cache/2.2

airdlr.com

ashampoo.com

browserdownloadsoft.com

browsoftdl.com

downloadcluster.com

downloadmix.de

downserver1.com

downserver2.com

downserver4.com

file2desktop.com

flashfxp.com

interstitials.net

mhcache.com

mysearchresults.com

netdna-cdn.com

netdna-ssl.com

opensightsoftware.com

ppdownload.com

raagalahari.com

revenyou.com

revenyouapp.com

sneakernews.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.