www.friafiler.com

Tuguu SLU

Domain Information

The domain www.friafiler.com, registered by Tuguu SLU, was first registered in August 2013 through SOLUCIONES CORPORATIVAS IP, SLU. The domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are hosted in Portland, Oregon, United States, on the Amazon.com, Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the US West (Oregon) region datacenter.

Registrar:
SOLUCIONES CORPORATIVAS IP, SL

Server location:
Oregon, United States (US)

Create date:
Wednesday, August 14, 2013

Expires date:
Monday, August 14, 2017

Updated date:
Thursday, December 31, 2015

Root domain:

Scanner detections:
Detections (100% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.TuguuSL.I, PUP.Softpulse.SmartSecureSoftwareSl.Bundler (M), PUP.Tuguu.Bundler (M) | 100.00% |
| MicroWorld eScan | Gen:Variant.Adware.Kazy.374465 | 25.00% |
| McAfee | PUP-FJP!62C17A287E12 | 25.00% |
| Malwarebytes | PUP.Optional.BundleInstaller.A | 25.00% |
| K7 AntiVirus | Unwanted-Program | 25.00% |
| Kaspersky | not-a-virus:AdWare.MSIL.DomaIQ | 25.00% |
| Bitdefender | Gen:Variant.Adware.Kazy.374465 | 25.00% |
| Agnitum Outpost | PUA.Lollipop | 25.00% |
| Lavasoft Ad-Aware | Gen:Variant.Adware.Symmi.41510 | 25.00% |
| Emsisoft Anti-Malware | Gen:Variant.Adware.Kazy.374465 | 25.00% |
| F-Secure | Gen:Variant.Adware.Kazy.374465 | 25.00% |
| Dr.Web | Trojan.DownLoader11.5325 | 25.00% |
| VIPRE Antivirus | DomaIQ | 25.00% |
| Avira AntiVirus | APPL/DomaIQ.Gen | 25.00% |
| Sophos | DomainIQ pay-per install | 25.00% |

The domain www.friafiler.com has been seen to resolve to the following 5 IP addresses.

ec2-52-26-110-152.us-west-2.compute.amazonaws.com
May 23, 2016

ec2-54-187-119-69.us-west-2.compute.amazonaws.com
May 23, 2016

ec2-54-213-219-119.us-west-2.compute.amazonaws.com
April 10, 2016

ec2-54-191-227-226.us-west-2.compute.amazonaws.com
April 10, 2016

ec2-54-201-62-44.us-west-2.compute.amazonaws.com
May 10, 2014

File downloads found at URLs served by www.friafiler.com.

1 / 68 (Adware)
http://www.friafiler.com/.../google-chrome.exe (5fa0de286ced7ea49580abd3f82e80b8)

1 / 68 (Adware)
http://www.friafiler.com/.../winrar.exe (3c59b1072edf3c223f3f5c7be74ca9ff)

1 / 68 (Adware)
http://www.friafiler.com/.../google-earth.exe (e7fd558e339e6b5c441b11de3e41f714)

21 / 68 (Adware)
http://www.friafiler.com/.../lastpass.exe (c8530c0959d3a117b5109bb860ab5f1b)

The following 11 files have been seen to communicate with www.friafiler.com in live environments.

URL:
http://www.friafiler.com/

Title:
“Welcome to friafiler.com”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx