The domain www.numiapps.com is registered by proxy through Moniker Online Services and was originally registered in March of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrant:
Moniker Privacy Services
Registrar:
Moniker Online Services
Server location:
Virginia, United States (US)
Create date:
Monday, March 17, 2014
Expires date:
Tuesday, March 17, 2015
Updated date:
Monday, March 17, 2014
ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.
Scanner detections:
Detections (100% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.Installer.ElephantTechSoftware.K, PUP.Installer.ElephantTechSoftware.R, PUP.Installer.ElephantTechSoftware.S, PUP.Installer.ElephantTechSoftware.P, PUP.Installer.Performersoft, PUP.Bundler.Performersoft, PUP.Performersoft.ElephantTechSoftware.Bundler (M), PUP.Performersoft.Elephant.Bundler (M), PUP.Performersoft (M)
100.00%
AVG
Adware InstallBrain.AM, Generic, Adware InstallBrain.AL
40.74%
Dr.Web
Adware.Downware.8001, Trojan.DownLoader11.25723, Trojan.Click3.3888, Trojan.Packed.28512, Trojan.InstallBrain.2
37.04%
Avira AntiVirus
ADWARE/InstallBrain.Gen8, Adware/InstallBr.ZR
37.04%
Sophos
PUA.InstallBrain, PUA 'InstallBrain'
37.04%
Malwarebytes
PUP.Optional.PDFConverter.A, PUP.Optional.InstallBrain.A
33.33%
ESET NOD32
Win32/InstallBrain.CG potentially unwanted application, Win32/InstallBrain.CL potentially unwanted application, Win32/InstallBrain.CI potentially unwanted application
33.33%
MicroWorld eScan
Gen:Trojan.Heur.jv1@IjpjFFji, Gen:Variant.Jaik.2831
29.63%
Bitdefender
Gen:Trojan.Heur.jv1@IjpjFFji, Gen:Variant.Jaik.2831
29.63%
G Data
Gen:Trojan.Heur.jv1@IjpjFFji, Gen:Variant.Jaik.2831
29.63%
Panda Antivirus
Trj/Genetic.gen
29.63%
Lavasoft Ad-Aware
Gen:Trojan.Heur.jv1@IjpjFFji, Gen:Variant.Jaik.2831
25.93%
Emsisoft Anti-Malware
Gen:Trojan.Heur.jv1@IjpjFFji, Gen:Trojan.Heur.lv1@IzqLTci, Gen:Trojan.Heur.jv1@IbG9MDai, Adware.InstallBrain
25.93%
McAfee
Program.PUP-FMR, Trojan.Artemis!CA3E71A8E986
25.93%
IKARUS anti.virus
PUA.InstallBrain
25.93%
The domain www.numiapps.com has been seen to resolve to the following 10 IP addresses.
209.222.14.3.choopa.net
April 18, 2015
ec2-54-235-159-97.compute-1.amazonaws.com
February 28, 2015
50.97.44.131-static.reverse.softlayer.com
October 9, 2014
174.37.181.31-static.reverse.softlayer.com
October 9, 2014
173.192.190.227-static.reverse.softlayer.com
October 9, 2014
50.97.49.243-static.reverse.softlayer.com
October 9, 2014
50.97.49.242-static.reverse.softlayer.com
July 7, 2014
173.192.190.226-static.reverse.softlayer.com
July 7, 2014
50.97.44.130-static.reverse.softlayer.com
July 7, 2014
174.37.181.30-static.reverse.softlayer.com
July 7, 2014
File downloads found at URLs served by www.numiapps.com.
The following 38 files have been seen to comunicate with www.numiapps.com in live environments.
URL:
http://www.numiapps.com/
Network:
Amazon Web Services (AWS), running an EC2 instance
Web server:
nginx/1.2.4 (PHP/5.3.16)