www.video-media-download.com

China Capital Investment Limited

Domain Information

The domain www.video-media-download.com, registered by China Capital Investment Limited, was initially registered in April of 2015 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Scottsdale, Arizona, in the United States, on the GoDaddy.com, LLC network.
Registrar:
BULLRUNDOMAINS.COM LLC

Server location:
Arizona, United States (US)

Create date:
Friday, April 24, 2015

Expires date:
Monday, April 24, 2017

Updated date:
Tuesday, March 15, 2016

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC

Scanner detections:
Detections  (97% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Amonetizeltd.e, PUP.Installer.JottixinternationalmediaGM2007.AA, PUP.JottixinternationalmediaGM2007.Y, PUP.Installer.JottixinternationalmediaGM2007.G, PUP.Installer.PremiumInstaller.F, PUP.Installer.Linkular.F, PUP.JottixinternationalmediaGM2007.Installer (M), PUP.Jottix.JottixinternationalmediaGM2007.Installer (M), PUP.Jottix.Jottixin.Installer (M), PUP.Jottix (M), PUP.Adknowledge (M)
94.44%

Malwarebytes
PUP.Optional.Amonetize.AS, PUP.Downware, PUP.Optional.iBryte, PUP.Optional.InstallCore, PUP.Optional.InstallCore.A, Adware.Linkular
61.11%

Dr.Web
Adware.Downware.1528, Adware.Downware.1402, Trojan.DownLoader10.21545, Adware.Downware.1489, Adware.Downware.1479, Adware.InstallCore.125, Adware.InstallCore.122
61.11%

VIPRE Antivirus
Amonetize, Jottix, Trojan.Win32.Generic, Threat.4784450, Optimum Installer, InstallCore, Threat.4150696
61.11%

avast!
Win32:Amonetize-Q [PUP], Win32:Adware-AZL [Adw], Win32:Installer-K [PUP], Win32:Installer-I [PUP], Win32:InstallCore-HG [PUP]
61.11%

Sophos
Amonetize, Jottix, PUA 'Jottix', PUA 'iBryte Optimum Installer', PUA 'Install Core Click run software', PUA 'Linkular'
58.33%

AVG
MalSign.Generic, Adware AdInstaller.ExpressInstall, Adware Skodna.Bundle.BD, Adware Generic_c.UA
58.33%

SUPERAntiSpyware
PUP.Downloader/Variant, PUP.InstallCore/Variant, Trojan.Agent/Gen-DarkKomet
52.78%

Kaspersky
not-a-virus:HEUR:AdWare.Win32.Amonetize, not-a-virus:Downloader.Win32.Agent, not-a-virus:AdWare.Win32.iBryte
44.44%

K7 AntiVirus
Unwanted-Program, Adware, Riskware
41.67%

Vba32 AntiVirus
AdWare.iBryte, Downloader.Agent, suspected of Trojan.Downloader.gen.h, BScope.Malware-Cryptor.iBryte, Downware.InstallCore
41.67%

Rising Antivirus
Trojan.Win32.Generic.137A42C9, PE:Trojan.Win32.Generic.137A42C9!326779593, PE:AdWare.Win32.Fednu.eg!1075354752, PE:Malware.InstallCore!6.4
36.11%

ESET NOD32
Win32/DownWare.G potentially unwanted application, Win32/AdWare.iBryte.K.gen application, Win32/InstallCore.BG potentially unwanted application
33.33%

McAfee
Artemis!633B2300C6F8, Artemis!61720B7C5351, Artemis!FCE530B942DB, Artemis!23895E0067D2, Artemis!78C79A100801, Artemis!9A6FEDEF65BC, Artemis!BA4449262EA7, Artemis!56DF0483970F, Artemis!7652B2724173
30.56%

Qihoo 360 Security
HEUR/Malware.QVM06.Gen, Win32/Trojan.a16, Malware.QVM10.Gen
30.56%

The domain www.video-media-download.com has been seen to resolve to the following 6 IP addresses.

192.230.92.93.ip.incapdns.net
September 13, 2016

199.83.132.93.ip.incapdns.net
June 22, 2016

April 13, 2016

July 16, 2015

May 4, 2015

ip-184-168-221-43.ip.secureserver.net
February 25, 2015

File downloads found at URLs served by www.video-media-download.com.

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

26 / 68    (Adware)

26 / 68    (Adware)

15 / 68    (PUP)

15 / 68    (PUP)

15 / 68    (PUP)

15 / 68    (PUP)

18 / 68    (PUP)

15 / 68    (PUP)

25 / 68    (PUP)

 
Latest 30 of 49 download URLs

The following 153 files have been seen to communicate with www.video-media-download.com in live environments.

 
Latest 20 of 154 files

URL:
http://www.video-media-download.com/

Web server:
nginx/1.8.1