home

v.thedownloadoid.net

Domain Information

Server location:
California, United States (US)

ASN:
AS4436 AS-GTT-4436 - nLayer Communications, Inc.,US

Root domain:
thedownloadoid.net

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Trend Micro House Call
Suspicious_GEN.F47V1225
100.00%

Avira AntiVirus
ADWARE/Adware.Gen7
100.00%

Kaspersky
not-a-virus:Downloader.NSIS.Agent
100.00%

Sophos
Generic PUA LO
100.00%

AhnLab V3 Security
PUP/Win32.Agent
100.00%

McAfee
Artemis!13ACB5EAF3D8
100.00%

Vba32 AntiVirus
Downloader.Agent
100.00%

Panda Antivirus
Generic Suspicious
100.00%

Baidu Antivirus
Hacktool.NSIS.Agent
100.00%

The domain v.thedownloadoid.net has been seen to resolve to the following IP address.

198.232.124.192
192-124-232-198.static.unitasglobal.net
March 26, 2015

File downloads found at URLs served by v.thedownloadoid.net.

9 / 68      (PUP)
http://v.thedownloadoid.net/.../compete_precheck_112114233405.exe  (13acb5eaf3d80562e67528dfa5869af8)

The following 41 files have been seen to comunicate with v.thedownloadoid.net in live environments.

TCP » 198.232.124.192:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 198.232.124.192:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 198.232.124.192:80
whatsapptime.exe

TCP » 198.232.124.192:443
Client.exe

TCP » 198.232.124.192:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 198.232.124.192:80
online-guardian-v2.exe

TCP » 198.232.124.192:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 198.232.124.192:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 198.232.124.192:443
browser.exe (speed browser by Smart Applications)

TCP » 198.232.124.192:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 198.232.124.192:443
online-guardian-v2.0.9.exe

TCP » 198.232.124.192:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 198.232.124.192:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 198.232.124.192:80
jingling.exe

TCP » 198.232.124.192:80
browser.exe (Speed Browser by Smart Applications)

TCP » 198.232.124.192:443
apptrailers.exe

TCP » 198.232.124.192:80
instatime.exe

TCP » 198.232.124.192:80
online-guardian-v2.0.9.exe

TCP » 198.232.124.192:80
genieutils.exe

TCP » 198.232.124.192:80
UCBrowser.exe (UC Browser by UCWeb)

 
Latest 20 of 50 files

bestware.org

desipapa.com

doutissima.com.br

down4desk.com

download2desktop.com

download4desktop.com

downserver1.com

downserver2.com

downserver3.com

downserver4.com

downserver5.com

downserver6.com

emazinglights.com

epicgear.com

file4desktop.com

fuckmyindiangf.com

gamesco.net

glanacion.com

gyazo.com

indianhiddencams.com

izapya.com

jellyfields.com

lanacion.com.ar

mediaclues.com

mykalvi.com

netdna-cdn.com

netdna-ssl.com

pompaap.com

ppdownload.com

proxpn.com

30 of 39 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.