The domain www.sharfiles.com, registered by Whois Privacy Shield Services, was initially registered in January of 2016 through INTERNET.BS CORP. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Dublin (Dublin City), Ireland, on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the EU (Ireland) region datacenter.
Registrant: Whois Privacy Shield Services
Registrar: SOCRATES 888, LLC
Server location: Dublin City, Ireland (IE)
Create date: Wednesday, January 27, 2016
Expires date: Friday, January 27, 2017
Updated date: Saturday, January 30, 2016
ASN: AS16509 AMAZON-02 - Amazon.com, Inc.
Google Safe Browsing: malware
Scanner detections: 93% detected

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.FINEDREAMINVEST.r, PUP.FINEDREAMINVEST.U, PUP.FINEDREAMINVEST.e, PUP.FINEDREAMINVEST.w, PUP.LADYSWOOD2013, PUP.FINEDREAMINVEST (M), PUP.SOFTWAREAGILITY (M), PUP.Brightcircle.LADYSWOO (M), PUP.FINEDREA (M), PUP (M) | 100.00% |
| avast! | Win32:Adware-BGS [PUP], Win32:Adware-gen [Adw] | 30.77% |
| VIPRE Antivirus | iPumper, PileFile Downloader, Threat.4787725 | 30.77% |
| Avira AntiVirus | ADWARE/Adware.Gen | 30.77% |
| Rising Antivirus | PE:PUF.FilePile!1.9E19 | 30.77% |
| Malwarebytes | PUP.Optional.FilePile.A | 23.08% |
| AhnLab V3 Security | Adware/Win32.DownloadWare, PUP/Win32.Downloader | 23.08% |
| ESET NOD32 | Win32/BundleInstaller (variant) | 23.08% |
| nProtect | Adware/W32.Agent.5175736, Trojan-Dropper/W32.Agent.6390728 | 15.38% |
| IKARUS anti.virus | Trojan-Dropper.Agent, Trojan-Downloader.Win32.Clikug | 15.38% |
| Fortinet FortiGate | W32/Agent.PFR!tr | 15.38% |
| AVG | MalSign.Generic, Downloader.Generic13 | 15.38% |
| herdProtect (fuzzy) | a variant of eec76c623366b4593b6771800a74f8ac9cc2983b | 7.69% |
| McAfee | PileFile!FACF074CA6EC | 7.69% |
| ESET NOD32 | Win32/BundleInstaller.D potentially unwanted application | 7.69% |
The domain www.sharfiles.com has been seen to resolve to the following 5 IP addresses.
ec2-54-210-47-225.compute-1.amazonaws.com, April 11, 2016
125.34.148.146.bc.googleusercontent.com, April 11, 2016
ec2-54-72-9-51.eu-west-1.compute.amazonaws.com, November 10, 2015
File downloads found at URLs served by www.sharfiles.com.
The following 219 files have been seen to communicate with www.sharfiles.com in live environments.
URL: http://www.sharfiles.com/
Title (12/27/2013): “Fast File Downloader”
Title (5/3/2015): “sharfiles.com”
Network: Amazon Web Services (AWS), running an EC2 instance