winu.secureddl.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain winu.secureddl.com is registered by proxy through GODADDY.COM, LLC and was originally registered in March of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Montreal, Quebec, Canada, on the OVH Hosting, Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
Quebec, Canada (CA)

Create date:
Tuesday, March 18, 2014

Expires date:
Saturday, March 18, 2017

Updated date:
Friday, February 12, 2016

ASN:
AS16276 OVH OVH SAS,FR

Root domain:

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (83% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.Win.Reputation.IMP
100.00%

Qihoo 360 Security
HEUR/Malware.QVM11.Gen, Win32/Trojan.Downloader.4d5, Win32/Trojan.Dropper.0c3, HEUR/QVM11.1.Malware.Gen
100.00%

Trend Micro House Call
TROJ_DROPPER.JFK, TROJ_GEN.R047H07G914, TROJ_GEN.R00UH07C914, Suspicious_GEN.F47V0716
80.00%

McAfee
RDN/Generic.dx!ddt, Artemis!D2BF714FB10D, Artemis!37BD65F12E99
60.00%

VIPRE Antivirus
Trojan.Win32.Generic
60.00%

Norman
Suspicious_Gen2.VXKTW, Troj_Generic.UWSVP, Suspicious_Gen4.FXLPV
60.00%

avast!
Win32:Malware-gen, Win32:Adware-BLN [Adw]
60.00%

Sophos
Mal/Generic-S, Generic PUA NP
60.00%

G Data
Trojan.Generic.11488294, Win32.Trojan.Agent.JK6Y50, Trojan.GenericKD.1602076
60.00%

Baidu Antivirus
Trojan.Win32.Secuinw, Adware.Win32.Besttoolbars, Adware.Win32.Illyx
60.00%

MicroWorld eScan
Trojan.Generic.11488294, Trojan.GenericKD.1602076
40.00%

nProtect
Trojan.Generic.11488294, Trojan.GenericKD.1602076
40.00%

Malwarebytes
Trojan.Downloader, Trojan.Inject.RRE
40.00%

Bitdefender
Trojan.Generic.11488294, Trojan.GenericKD.1602076
40.00%

Lavasoft Ad-Aware
Trojan.Generic.11488294, Trojan.GenericKD.1602076
40.00%

The domain winu.secureddl.com has been seen to resolve to the following IP address.

ns517839.ip-192-99-47.net
February 6, 2016

File downloads found at URLs served by winu.secureddl.com.

15 / 68    (PUP)
http://winu.secureddl.com/canal/.../betadeeal.exe  (162a498cd219869b58cc3aa076f515a0)

25 / 68    (PUP)

3 / 68      (Malware)

26 / 68    (PUP)
http://winu.secureddl.com/canal/.../launcher.exe  (ac7b721f1246e5dd11def4fceb594b4c)

3 / 68      (Malware)

0 / 68
http://winu.secureddl.com/.../maj.exe  (ec32b848b382935d91cf69eefbd978f2)

URL:
http://winu.secureddl.com/

Web server:
Apache/2.4.10 (Debian)