» www.fileshareservices.net
Overview
Analysis
IPs Addresses (5)
Downloads (7)
Website Detail
Related Domains (685)

www.fileshareservices.net

REACTIVATION PERIOD

Domain Information

The domain www.fileshareservices.net registered by REACTIVATION PERIOD was initially registered in January of 2014 through ENOM, INC.. Currently this domain has been known to host various forms of malware. The hosted servers are located in San Francisco, California within the United States which resides on the CloudFlare, Inc. network. The domain uses the CloudFlare CDN, a distributed domain name server service which utilizes a number of reverse proxy IP Addresses (see below).

Registrant:

REACTIVATION PERIOD

Registrar:

ENOM, INC.

Server location:

California, United States (US)

Create date:

Friday, January 31, 2014

Expires date:

Tuesday, January 31, 2017

Updated date:

Monday, February 1, 2016

ASN:

AS13335 CLOUDFLARENET - CloudFlare, Inc.,US

Root domain:

fileshareservices.net

Whois:

3 fileshareservices.net records

Scanner detections:

Malware distribution (71% detected)

Scan engine

Details

Detections

Dr.Web

Trojan.DownLoader11.8516, Trojan.Zipvideom.1, Trojan.DownLoader11.15828, Trojan.DownLoader11.13969

83.33%

MicroWorld eScan

Gen:Variant.Zusy.79036, Gen:Variant.Zusy.95038, Gen:Variant.Zusy.100115

83.33%

McAfee

Artemis!778F73A036A1, Artemis!0C2CC27C3DBC, Trojan-FDNQ!C9744FE80997, Artemis!E5271F1B70EF, Artemis!41D65DC8785B

83.33%

Malwarebytes

Trojan.Downloader.MSIL, Trojan.MSIL, Trojan.Injector.MSIL

83.33%

VIPRE Antivirus

Trojan.Win32.Generic, Trojan.Win32.Generic.pak!cobra

83.33%

K7 AntiVirus

Trojan , Riskware

83.33%

Trend Micro House Call

TROJ_GEN.F0C2H00E914, TROJ_GEN.R0CBC0DFE14, TROJ_SPNR.0CBH14, TROJ_SPNR.03HI14, TROJ_SPNR.35GA14

83.33%

avast!

Win32:Ransom-ARZ [Trj], Win32:Malware-gen, Win32:Dropper-NYB [Drp]

83.33%

Bitdefender

Gen:Variant.Zusy.79036, Gen:Variant.Zusy.95038, Gen:Variant.Zusy.100115

83.33%

Agnitum Outpost

Trojan.Blocker, Trojan.Bepush

83.33%

Lavasoft Ad-Aware

Gen:Variant.Zusy.79036, Gen:Variant.Zusy.95038, Gen:Variant.Zusy.100115

83.33%

Sophos

Mal/Generic-S, Troj/Ransom-AGG

83.33%

Comodo Security

UnclassifiedMalware

83.33%

F-Secure

Gen:Variant.Zusy.79036, Gen:Variant.Zusy.95038, Trojan-Downloader:W32/Kilim.T, Gen:Variant.Zusy.100115

83.33%

Trend Micro

TROJ_BEPUSH.SM, TROJ_GEN.R0CBC0DFE14, TROJ_SPNR.0CBH14, TROJ_SPNR.03HI14, TROJ_SPNR.35GA14

83.33%

The domain www.fileshareservices.net has been seen to resolve to the following 5 IP addresses.

April 16, 2016

September 3, 2014

September 3, 2014

May 10, 2014

May 10, 2014

File downloads found at URLs served by www.fileshareservices.net.

1 / 68 (inconclusive)

http://www.fileshareservices.net/dl.php (flvguncelle.exe)

33 / 68 (Malware)

http://www.fileshareservices.net/dl.php (FLVGuncelle.exe)

38 / 68 (Malware)

http://www.fileshareservices.net/dl.php (flvupdate.exe)

33 / 68 (Malware)

http://www.fileshareservices.net/dl.php (FLVUpdate.exe)

28 / 68 (Malware)

http://www.fileshareservices.net/dl.php (FLVUpdate.exe)

32 / 68 (Malware)

http://www.fileshareservices.net/dl.php (FLVGuncelle.exe)

0 / 68

http://www.fileshareservices.net/dl.php (flvguncelle.exe)

URL:

http://www.fileshareservices.net/

Google Analytics:

UA-2249740

Title:

“Fileshareservices.net”

Description:

“Find Cash Advance, Debt Consolidation and more at Fileshareservices.net. Get the best of Insurance or Free Credit Report, browse our section on Cell Phones or learn about Life Insurance. Fileshareservices.net is the site for Cash Advance.”

Web server:

Microsoft-IIS/8.5 (ASP.NET) (Version: 4.0.30319)

Related Domains

30 of 685 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.