home

www.zonarufiledownloads.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
zonarufiledownloads.com

Scanner detections:
Detections  (92% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Zona.Chetvertoepokolenie.Installer.Meta (L), PUP.Zona.Chetvertoepokolenie.Installer.Meta (M), PUP.Zona.Chetvert.Installer.Meta (M)
100.00%

Dr.Web
riskware program Program.Zona.80
9.09%

Qihoo 360 Security
HEUR/QVM10.1.Malware.Gen
9.09%

The domain www.zonarufiledownloads.com has been seen to resolve to the following 11 IP addresses.

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 15, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 15, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
April 18, 2016

52.26.95.11
ec2-52-26-95-11.us-west-2.compute.amazonaws.com
April 18, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
April 18, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
April 13, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
April 13, 2016

52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
April 13, 2016

52.34.170.106
ec2-52-34-170-106.us-west-2.compute.amazonaws.com
April 13, 2016

52.25.23.136
ec2-52-25-23-136.us-west-2.compute.amazonaws.com
April 13, 2016

54.191.37.5
ec2-54-191-37-5.us-west-2.compute.amazonaws.com
April 13, 2016

File downloads found at URLs served by www.zonarufiledownloads.com.

1 / 68      (PUP)
http://www.zonarufiledownloads.com/c?x=L6MrH01tbrD3epbGP0vy/hZ1Y8axWOvSmgC4wVC/OAk=&c=G/q0gtwkIj8lzttEO52zMWBNuaGXL3tPHHoTOpYwv5lsDmBl3EPm45hz77dbiICCQKNocMDuEVUA4ZKIXj7egX2C68hpql6mqG1hqoAGasVHl ijBncCumQJtRNiSGPv&fallback_url=https://.../ZonaSetup[UAwM].exe&downloadAs=ZonaSetup[UAwM].exe  (zonasetup[azxc].exe)

1 / 68      (PUP)
http://www.zonarufiledownloads.com/c?x=4jtou3wew1FYonoTBpq77tBonBmT1OI9sQtk4XqWZ5I=&c=9ibQ2L/9PwWmuz9XFKMKdvUau5GOeFEGShKVLvq830sDDmyZpvIJBTgxxeHe3MtyMUWI/bBnxL28F2WR8XHMcDQE5PUg1IyNmALolhVvwu8EpqU3RI5kbxtGD2xEnbwS&fallback_url=https://.../ZonaSetup[3Fmm].exe&downloadAs=ZonaSetup[3Fmm].exe  (zonasetup[a8zh].exe)

1 / 68      (PUP)
http://www.zonarufiledownloads.com/c?x=aOXz06n43dIayFYF6/DUbacrclyfC8JFqLjPqz3AbBk=&c=8r0ZOymQrN6kVFifIAE4osvVzq6PeFG9mNA/1wsGf ZAFhck/i3t00p3Ed7z3P453UKCapV4n8JddGENy8Hsl4HjPeyn6YvhiNMxGPJDiZcOkUoXCt/ekwomT78DVD0R&fallback_url=https://dl.appzona.org/.../gta_criminal_russia_2011_action_rus_2011_pc[USL_].exe&downloadAs=gta_criminal_russia_2011_action_rus_2011_pc[USL_].exe  (need_for_speed_shift_2_unleashed_repack_rus_eng_2011[jey6].exe)

1 / 68      (PUP)
http://www.zonarufiledownloads.com/c?x=rabMf Mx9/tlvlkCrKHJ9 pU5dteSYzjoqmonx3KalI=&c=VRHCA7zztNgZpuJsg4VaGADoEfV3kX B4dMdLf9Oi0V/NrmIIFzLFUTThGQZ yxlFV5tEaUcI/y8wZ jyiKf5YQyNNNymDpmNziRFsji3nZoCqrMmE8U27swRWTjrYXU&fallback_url=https://.../ZonaSetup[IN4c].exe&downloadAs=ZonaSetup[IN4c].exe  (zonasetup[d2dc].exe)

1 / 68      (PUP)
http://www.zonarufiledownloads.com/c?x=kBTC4ACrT1pEFCvym1lWg7L26tvY4AVzcCijsHsCHRM=&c=Dn1HkQ2ke/MJVkU9uszqY4IV3IeDdiJon8EAvo8j8zEHFBK7/iG7d2croOVBGOdhQTZufrmMC2qysqSrvNJaFdcttUC67k K5Fjqid8zGy Ma9adGGpkjrFzHIB 1e/s&fallback_url=https://.../ZonaSetup[3NwS].exe&downloadAs=ZonaSetup[3NwS].exe  (zonasetup[dsbc].exe)

1 / 68      (PUP)
http://www.zonarufiledownloads.com/c?x=Cy3sgAceLuVqzqiKuoLgyrmWDxqdhlpSMMCz81AYoYU=&c=u1e9D/8 Y9Rc2Lc44cRDqZGQAVhfv6PNsHijqrE/Kdx0pIyWPOgRydpFjYP9iDxCMbeG8f0YkxP1rcfYHm6C53Kvpsusp5DEMNVl4n6XVpi nr6z7mpcIcL2s7TpGx9B&fallback_url=https://.../ZonaSetup[xndh].exe&downloadAs=ZonaSetup[xndh].exe  (zonasetup[x7xr].exe)

1 / 68      (PUP)
http://www.zonarufiledownloads.com/c?x=UZAEwwaRUukJ7sKyQTjXd7TMFjJfV4SSbydO1ocdRjE=&c=6Ui/fa/yPQ1NIxIFRmURy6X4u66fYTrdRzUMC4H/1ilbuc2SvlP8pjv5nKCz7butXt3Cgr/nUlnAP5QZ6iymmDkE0D B3O01y1YYv/r0S3uPuxzQ0SO3A7qktprZyGZx&fallback_url=https://.../ZonaSetup[dJFU].exe&downloadAs=ZonaSetup[dJFU].exe  (zonasetup[dsbc].exe)

1 / 68      (PUP)
http://www.zonarufiledownloads.com/c?x=JZXB44YwkTk8ZLtPtH5rHDa5mjXg/cYqizsVWwHQygg=&c=oabuswHhasLCrRyKyJYHOps1cOSAtyugKZakmsvP55r0Rt13xjPbz8vDXfB56RPJXj4to5T41MMoxHREWJWSwvr6PdQurKfUFI2f1khePB1sJRiBJF6/YRMMLWi76xtg&fallback_url=https://dl.appzona.org/.../aktivator_windows_7_maksimalnaya[I9rm].exe&downloadAs=aktivator_windows_7_maksimalnaya[I9rm].exe  (need_for_speed_shift_2_unleashed_repack_rus_eng_2011[jey6].exe)

1 / 68      (PUP)
http://www.zonarufiledownloads.com/c?x=JNLtagofAw2H7DqoM407WgapOXxuwSvuRvBbcnHkh/k=&c=lUZ6oNUuhoefb1Lf7QNbi2Tr6BdCkPflAj2Reg90TS8ht/HvlBtQCV3GTbf96qi2/4ZfoyCn54RPAOOKkeo52yYq4o8CRyIlcCI2FpiOcw4Ui6gttq53qLGge1kBJHN4&fallback_url=https://.../ZonaSetup[x5dP].exe&downloadAs=ZonaSetup[x5dP].exe  (zonasetup[x7xr].exe)

1 / 68      (PUP)
http://www.zonarufiledownloads.com/c?x=JVXqeEO1kcXL SuZSC2mE3Ub4L5zXrw22JuafvRfO7A=&c=blcWw27VXDPRf9WQhptvGxoWg1ImNlSOnupIun5ZI0tyy/9Cz6bcWiaJMlpw97UR iTyvAnBqw8UsHruRjqb3e2Qfud7NGIhIHWUusY5GckdRdWSLcBkaFzoSMwBSP2m&fallback_url=https://.../ZonaSetup[U5pg].exe&downloadAs=ZonaSetup[U5pg].exe  (zonasetup[j4hv].exe)

1 / 68      (PUP)
http://www.zonarufiledownloads.com/c?x=ezA4feCqOOOSqTFuoc/ebcDIaxx 1 KtpC0A3dYvdqQ=&c=HP3niHd8XYkSzkmr5d MyMhamAz weHn79zCTqIRqF6V9uqmRLH7PXwVaqWFwMYKQfVSXlRpu 8I5pMgnMu4aBXeJWF9zzX9x2eiXf1a0xlLSlgOb1cmYuOn pbztCl&fallback_url=https://.../ZonaSetup[UVOb].exe&downloadAs=ZonaSetup[UVOb].exe  (zonasetup[j4hv].exe)

1 / 68      (PUP)
http://www.zonarufiledownloads.com/c?x=tWjCCmyhBNx0TqWUPVPHwEwFSSkW8gaBZi3Ui7cPFVc=&c=KHujNP08UHYVvqmOs7wPEDl1SxnHbz766mBDqL6qZRJI51F4sv9esDXI7ImB7adNvn0y9nRd425lQAO2aNAGhpAD4t/X O33U/IXHD kW5cmLmplqI81MDlBKiU9uJMc&fallback_url=https://.../ZonaSetup[U8BO].exe&downloadAs=ZonaSetup[U8BO].exe  (zonasetup[j4hv].exe)

1 / 68      (PUP)
http://www.zonarufiledownloads.com/c?x=lCLmvSyvVk ywBQwp3Zbe9Gh/YStNEtniNJdMw7Ejbw=&c=gG99Z23DfmmMLKKxH5Ar5FVB7XuG1x6ai0KZ85jEFg/c3BuhAiuyKUpM6A3OKnx/kBSI85YnPQWAVXRgUb4/7dp6qYf3Lw6KN1Qk/hDVX BAA 3zqqVQ7MYTfK4OBgYt&fallback_url=https://dl.appzona.org/.../counter-strike_source_v34[UwwZ].exe&downloadAs=counter-strike_source_v34[UwwZ].exe  (need_for_speed_shift_2_unleashed_repack_rus_eng_2011[jey6].exe)

0 / 68
http://www.zonarufiledownloads.com/c?x=D7ORCkx8BwxqaWENOejDpZ26p3on2GWKf iwcM6Bn c=&c=b2xlinCqM3eSvow17Z84jqQ9iZkzabvGfELifQTYQ7XOINLWVPiC/M2rChPXzqngjZcM33kjL2I89Iz/wfVbtu2rZaGbJI1eNnboZ7bh6qhJBwVLzSeziSpaQ1xdySsk&fallback_url=https://dl.appzona.org/.../painkiller-kreshchennyy_krovyu[YSCB].exe&downloadAs=painkiller-kreshchennyy_krovyu[YSCB].exe  (618331fe3513a8d9029da69599d9eee8)

1 / 68      (PUP)
http://www.zonarufiledownloads.com/c?x=GP9gtP1KG86YE6S0z8Z6RZCE9ELBmYRs0HimUgeAI9U=&c=k51D/L4oTP4VX4r6T7axr1 lzQxvx31K8UMJ6 aRHyzpDGYEtiBFgJpsCBRicOMM03uT3KGuRYKrlpNQ5dQFxX21cBG/buYUpxRm/qW31d6f08uzTj92bf2Oe91OufLO&fallback_url=https://.../ZonaSetup[Ur8M].exe&downloadAs=ZonaSetup[Ur8M].exe  (e0c9c0da5d39e6d8dd3c68da2ae74672)

1 / 68      (PUP)
http://www.zonarufiledownloads.com/c?x=7SSXKpbYc/i4PKwAx9avgKVtby8qZyP09wr3CRdk6EA=&c=QR8yD23O53SqZgd09cyL3b5FcRpiFp00VWWCBhDkJN3aCKC4Dv9BLETXnxHNm1iC0yixE4eb1//p/COfMuwWbh tutpNF52unyxdo1Z/ev5dXbNFukiZPNOEcB1EQmVS&fallback_url=https://dl.appzona.org/.../ZonaWebSetup[jeZb].exe&downloadAs=ZonaWebSetup[jeZb].exe  (need_for_speed_shift_2_unleashed_repack_rus_eng_2011[jey6].exe)

1 / 68      (PUP)
http://www.zonarufiledownloads.com/c?x=XzRm18qMRKMjy06EUTYDSafofcjWATDu1TCmwnoLOLQ=&c=QOtoGHGLLC8pAkkpPM0ISGZVHF2zTz/Au5CWr29dmnXkrLa3ZvvErd7/f/m96Y3ssVLVx4XGbx6MXt9t3MGa/5gAZCWBVFHmbtG36Wttt/F0/cP9YmWH/2/6sD0w9QxU&fallback_url=https://.../ZonaSetup[Yv6_].exe&downloadAs=ZonaSetup[Yv6_].exe  (zonasetup[j4hv].exe)

1 / 68      (PUP)
http://www.zonarufiledownloads.com/c?x=0zf218OZR/TU3Yy3J0pG8rxJAx160CPsi8CyrEcxFRM=&c=DW684kF26QzW92q4uQwShwmkH VztfUd7ohF J961ai9AAXKMXgifpM1AhJu 3xIIKPVkSLDC96dTSpqSzxkMzuSL vse8NeuAEs66WVCjD8N42NZgMAw0P4MvwSVkhG&fallback_url=https://.../ZonaSetup[YwPO].exe&downloadAs=ZonaSetup[YwPO].exe  (zonasetup[j4hv].exe)

1 / 68      (PUP)
http://www.zonarufiledownloads.com/c?x=jwDVgVEa2qCmJkiR/ISMBe ZVx8ntskDQxwmQYjt9ns=&c=k Oi3k2jfqxWNNBd3m2W4BoNL1dTJWIhCWdAQb6sb0p1Ispm8m6evUaRvS2jivm3RfjGaTE7/1ydoYItquQ95NfSqQ1/ HWNBof5WIXi4tvVcjw8BJQH0JiM5whla9OG&fallback_url=https://dl.appzona.org/.../novogodnyaya_zhena[jblS].exe&downloadAs=novogodnyaya_zhena[jblS].exe  (8f6f9c87b13b7dc91bcd587b59268909)

3 / 68      (PUP)
http://www.zonarufiledownloads.com/c?x=073l2GCHHrv6F3QdSnfB/CipLc qMnwrv8zRNkOAa1c=&c=HF1J4YhN8/FltgEaNPijcZztDOAq0TUOHkUJchxI1p 3L73J5ShriasrUYdfNQS9YuNOGlZ72u8wtLjpA iPUJW58CbJ5WjqKYod/kJCJfhJsVVFnEpF1FZUltr1EdbB&fallback_url=https://dl.appzona.org/.../valhalladsp_-_valhallavintageverb_1.0.1_vst_rtas_x86_x64_01.03.2013[FeQy].exe&downloadAs=valhalladsp_-_valhallavintageverb_1.0.1_vst_rtas_x86_x64_01.03.2013[FeQy].exe  (grand_theft_auto_san_andreas[fks0].exe)

1 / 68      (PUP)
http://www.zonarufiledownloads.com/c?x=2cwZkE0nSmhaV1n4kr3V ySgTry4X5RsigVtn/3Vs5E=&c=RPv8wKfGdLJTxjl3 62p5NS/iRanZnMS3nKQrCR2t0Wmqt0SLM6HKoMTpLyv 4JxlalThcz6X 6CGYLYbobUahG/dFU3FEQjXeyVVNb6mla9xTiv1qAklJytv4FA9uIK&fallback_url=https://.../ZonaSetup[xqC7].exe&downloadAs=ZonaSetup[xqC7].exe  (zonasetup[x7xr].exe)

1 / 68      (PUP)
http://www.zonarufiledownloads.com/c?x=GMJyNoHuNFnFllZfvd/6DxsFzcm2L6Nal/3lK19K TI=&c=H9HiSd/vpiviD8J7QVwcGot8a1rLmD4iK9vt0VmlZmn1NpfOtneKeSXqAoa2zVZ/IykSWe/Q1sDsHbmAsrh5CFXq/gvAFP0cgY5AS/YL1NbkyD8MWwZkNtBh4aSiXPFA&fallback_url=https://.../ZonaSetup[xXgf].exe&downloadAs=ZonaSetup[xXgf].exe  (zonasetup[xme7].exe)

1 / 68      (PUP)
http://www.zonarufiledownloads.com/c?x=gf 7ajZl8pnC/6//NkNszw7O6dBB375Pd/t1sMb/9oM=&c=vPiL9V22Ho/KTD1W u0Pu6RjaV5iwffqica/DK7CRxKu8YUWFEVYqWaljyQBCAZPLAt9HU40sKZKbeMRsijTLYKCVHJyoFfIki3z8xPDu2IAKb0rWTKhEbRuKZeQzxqZ&fallback_url=https://.../ZonaSetup[xnfd].exe&downloadAs=ZonaSetup[xnfd].exe  (zonasetup[x7xr].exe)

The following 6 files have been seen to comunicate with www.zonarufiledownloads.com in live environments.

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.