home

vdownloader.com.br

catiuscia marques costa santos

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Server location:
Arizona, United States (US)

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC,US

Whois:
2 vdownloader.com.br records

Scanner detections:
Detections  (67% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.SITEONSPOT.b, PUP.Somoto, PUP.Installer.Somoto, PUP.Bundler.Somoto, PUP.Somoto.Somotoinc.Installer (M), PUP.Somoto.Somotoinc (M), PUP.Somoto.SomotoIsrael.Bundler (M)
83.33%

ESET NOD32
Win32/Somoto, Win32/Somoto.P potentially unwanted, Win32/Somoto.Q potentially unwanted, Win32/Somoto.G potentially unwanted
61.11%

Baidu Antivirus
Adware.Win32.Somoto
61.11%

Dr.Web
infected with Trojan.Packed.27860, Adware.Somoto.142, Adware.Somoto.143, Adware.Somoto.144
55.56%

Qihoo 360 Security
Win32/Virus.Downloader.942, HEUR/Malware.QVM06.Gen, HEUR/QVM42.0.Malware.Gen, HEUR/QVM42.1.Malware.Gen, HEUR/QVM03.0.Malware.Gen
44.44%

Bkav FE
W32.HfsAdware
44.44%

VIPRE Antivirus
BetterInstaller, Trojan.Win32.Generic
38.89%

SUPERAntiSpyware
PUP.Somoto/Variant
27.78%

Trend Micro House Call
Suspicious_GEN.F47V0128, Suspicious_GEN.F47V0424, Suspicious_GEN.F47V0605, Suspicious_GEN.F47V0610
22.22%

Kaspersky
not-a-virus:AdWare.Win32.Agent, not-a-virus:Downloader.Win32.Agent, not-a-virus:HEUR:Downloader.NSIS.Somoto
16.67%

McAfee
Artemis!C53636A97D8A, Artemis!0CB6083D810B, Artemis!E1EA6CCC724C
16.67%

Malwarebytes
PUP.Optional.Somoto.A
16.67%

ESET NOD32
Win32/Somoto.P potentially unwanted application
11.11%

Sophos
Generic PUA CK, Generic PUA JO (PUA)
11.11%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A
5.56%

The domain vdownloader.com.br has been seen to resolve to the following 3 IP addresses.

104.238.67.187
ip-104-238-67-187.ip.secureserver.net
February 2, 2016

54.207.52.233
ec2-54-207-52-233.sa-east-1.compute.amazonaws.com
April 25, 2014

23.21.142.142
ec2-23-21-142-142.compute-1.amazonaws.com
December 25, 2013

File downloads found at URLs served by vdownloader.com.br.

17 / 68    (PUP)
http://vdownloader.com.br/get/.../?p=button  (vdownloader4ch.exe)

6 / 68      (Adware)
http://vdownloader.com.br/.../latest  (vdownloader4oc.exe)

0 / 68
http://vdownloader.com.br/.../?p=button  (vdownloader4oc_downloader-q3m5evtzc.exe.jse)

5 / 68      (PUP)
http://vdownloader.com.br/.../?p=button  (vdownloader4oc.exe)

0 / 68
http://vdownloader.com.br/download/.../?p=button  (vdownloader4oc.exe)

3 / 68      (Adware)
http://vdownloader.com.br/get/.../  (vdownloader4oc.exe)

URL:
http://vdownloader.com.br/

Google Analytics:
UA-41380733

Title:
“VDownloader - Download YouTube Videos and Music”

Description:
“VDownloader é um software que permite que você salve vídeos a partir de qualquer website, incluindo YouTube, em seu disco rígido.”

SSL certificate subject:
CN=vdownloader.com.br, OU=Domain Control Validated

SSL certificate issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc."

Web server:
Microsoft-IIS/8.5 (ASP.NET)

getvdownloader.com.br

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.