» y.gofor-files.net
Overview
Analysis
IPs Addresses (3)
Downloads (42)
Website Detail
Related Domains (8)

y.gofor-files.net

Whois Privacy Corp.

Domain Information

The domain y.gofor-files.net registered by Whois Privacy Corp. was initially registered in June of 2014 through INTERNET.BS CORP.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Amsterdam, Noord-Holland within Netherlands which resides on the RIPE Network Coordination Centre network.

Registrant:

Whois Privacy Corp.

Registrar:

INTERNET.BS CORP.

Server location:

Noord-Holland, Netherlands (NL)

Create date:

Thursday, June 19, 2014

Expires date:

Friday, June 19, 2015

Updated date:

Thursday, June 19, 2014

ASN:

AS16265 FIBERRING LeaseWeb B.V.,NL

Root domain:

gofor-files.net

Whois:

2 gofor-files.net records

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Startup.RighwayTechnologies.O, PUP.RighwayTechnologies.b, PUP.RighwayTechnologies.a, PUP.RighwayTechnologies.u, PUP.RighwayTechnologies.l, PUP.RighwayTechnologies.m, PUP.RighwayTechnologies.t, PUP.RighwayTechnologies.s, PUP.RighwayTechnologies.AA, PUP.RighwayTechnologies.c, PUP.RighwayTechnologies.q, PUP.RighwayTechnologies.R, PUP.RighwayTechnologies., PUP.RighwayTechnologies.h, PUP.RighwayTechnologies.V, Threat.Win.Reputation.IMP, PUP.RighwayTechnologies.f, PUP.RighwayTechnologies.FF, PUP.Via Advertising.RighwayT.Bundler (M), PUP.Via Advertising (M)

100.00%

Dr.Web

Adware.Downware.4798, Adware.Downware.4798, Adware.Downware.4798

59.52%

VIPRE Antivirus

Threat.4925438, Threat.4150696, Yontoo

59.52%

ESET NOD32

Win32/ExpressDownloader.H potentially unwanted application

59.52%

Malwarebytes

PUP.Optional.GoForFiles.A

59.52%

G Data

Win32.Application.ExpressDownloader

59.52%

AVG

Righway Technologies, Dropper.Generic9

59.52%

avast!

Win32:Rootkit-gen [Rtk], Win32:Adware-gen [Adw], Win32:PUP-gen [PUP]

57.14%

Sophos

Go For Files

57.14%

Agnitum Outpost

Riskware.Agent

54.76%

IKARUS anti.virus

AdWare.Win32.YourFileDownloader, PUA.Win32.ExpressDownloader, PUA.Expressdownloader

45.24%

Qihoo 360 Security

Malware.QVM10.Gen, Malware.QVM06.Gen, Malware.QVM20.Gen

28.57%

K7 AntiVirus

Unwanted-Program

19.05%

herdProtect (fuzzy)

a variant of 432e430a68b5efd27c6e19359fde2924e5885c72, a variant of 49c02eecbaea6e8722616842ba869a67a8453283, a variant of c1d14b264694687ceaa0aba5451bb28a4102b4d7

19.05%

NANO AntiVirus

Trojan.Win32.Generic.dejkoc, Trojan.Win32.Babylon.csuksh

14.29%

The domain y.gofor-files.net has been seen to resolve to the following 3 IP addresses.

5.79.65.219

hosted-by.leaseweb.com

November 2, 2014

74.63.79.82

October 9, 2014

208.53.158.120

July 7, 2014

File downloads found at URLs served by y.gofor-files.net.

1 / 68 (Adware)

http://y.gofor-files.net/j5GLUnWbjFVh2KRMYpOXKmLZ/g58tLw5e6G5Jnu8hHhdo4gnTrWdPg2EjDxB/oUQE 3BVwHXzVgF1c1JSZ1jBFOFYUpzwDlJdsErDD aeOdzzSW3YDAsrSZlb/s0bVPMN2gYpERnRPICKRSvUz5F2h55CMgGSFzZUFBPzhxOKNAhWDzH5w1xneVYJNzhBWPl 11ohNpmNayrITPp7CkNuvoTEb7PNVTqkmRe6JhgR9KeegGO3wVE2oJUTtiIULfCjkr1ha0U/.../Mes3Oi7KRp (new_english_file_intermediate_complete_pack_downloader.exe)

1 / 68 (Adware)

http://y.gofor-files.net/j5GBXSnisEhp2uYaOIC3Jm/I/hR6obIiZKX4fVnjpTxw56o6Q6LMaWX/vTZeuoQPQvnHJBmtmBlVz7wBToBuHUfJNzRpvHwYI5p3EG/KUqgdtFiiYDkypn1AfOEgaQrBP25M BFxAtATcFjtBTMUkVZRVNQaCxSAA1QWwhNQZIFHCjHEvwF9i7EDdIy/AGDl/.../2C8aU9BF22aReO4X5Dz2P5ns2hORhcaGtdjv1 z9op4Umfbi6Pkbt2n1S6Yl5XqidXko= (dj_ryson_(feat_shakira,_don_omar,_pitbull,_marc_anthony,_lucenzo,_shm)_-_danza_rabiosa_kuduro_(mash_)

1 / 68 (Adware)

http://y.gofor-files.net/j5GcVmzeoBArn4BeeNu5KmDb/hR3oaokeOKpPCf51WMr9dNjGuDafVWhjyhHsZVeF XEUADGih5UjZlSA9EwRAzKdRYwhGceNKtkG3fLN/QjlXG6azAqrSJ9bepnb0D O38D4xBxT/.../2updKeD UTymsw1h96d5bPundG7p7iEMtqN9UeeXaVzrl2Re ck5Bd6degWV3QQMiMI7FIuHW6eHgwijg7IctJ8= (yanni_-_marching_season_downloader.exe)

1 / 68 (Adware)

http://y.gofor-files.net/j5GOaGPT50lnxutLeYXgdz6I4X8m9 h8MLeoLW2liDcj/dVhF fPKFO2hDsX6cFVG vTF1OSjQVTlqIGXtU1VUmBbBN/xDhMYIB0Dy/FN/c8nXPhO2NG/.../N29OqlE2XPpbV2W5Bn8MxgA6Qc4fRQSaQhQJm00YcYJJCjXF7VQ82PJrJNu3C3e3s1hzs IsZK8= (goforfiles_downloader.exe)

1 / 68 (Adware)

http://y.gofor-files.net/j5GHVmDviFcx1b9XVfm9HDvjmDBzs7RtYrfgfi742WMm9NZvFvaaLkSjgDZO5chaHOjAQUGVmwJS2cRWCNw0VU6NdwMslXskL5AwTGyPfOoqwSy3ayZt8iZhIKkuekD1OGVGyBZpWf5bLAv8BnFSyFMvE9ITHXrjUEhakh9GZ8UfQCzT3UQg1uMJfIu6AGH0vQpt87Q0MKbzeWz7qnBR5K16XeOEMwivm3lc doqHofbPwG42wRE2JAQQI2cHPGfgw4= (bab_al7arh_al_5_mwasm_downloader.exe)

1 / 68 (Adware)

http://y.gofor-files.net/j5G2QGfVvRZixqheZ8v8InzZ CpzpLxmeaLwO3KhknVqv9hmFuDdYxLg22YT/oIWTKuYDlbdwFIH089JSZ1jGlrRPE5zxztdNpV/CySdY9wnmCi0dHd04jI5JL9jLlXqLmkYsRZiSP0AfU7AHmFBxlM6VssbQ1KWRAJIzkdrCZUSS3jS7BY/.../KvfWTp7iEMtqN9UeeWaFvin21U ck5Bd6DbVOXwA8dntUQIobeVbLVylHk0bYA5can (sweet-dreams-are-made-of-this_downloader.exe)

1 / 68 (Adware)

http://y.gofor-files.net/j5GiQ2Obv1Jl0eZcY8yobXzdp2Fms R6IvTpeC7w2GAn6pYiQKeEMkLp320e/.../KGk1Z8A5BLNZDHXGHtgd6j7QHdJn UTymsw1h96Z3av kd2Tp SkV7qpqFaXNNBy40gsEu5drV5eTOFOTwgxEjw== (gta_vice_city.rar_downloader.exe)

1 / 68 (Adware)

http://y.gofor-files.net/j5GRX2fvmk5r64JZVfm9L1H6sCZgs4Z5JvTvEC360SNcoJAlQ6nPL1Xp3Gsa78hTGOvGVxSTjAlBiZQLB9E4QQrZIwQ3kmAfe800TX7NN/MvjmHpN3JG4jI5LqktZUj3YzUVo0RkUOsDKUDwHHFUhRpuVMEUSVr0Al1NykcbZ9ASRSbcvwRvzucJDvesVDb 61JzsfMsMK/.../3VQ5657Xe6QYFrrgCAEss9lQNeea03egFBK25AHHJuHWaeDzAPhgqEE1pKiSb7ZvkXzJboM Tqw (the_sum_of_all_fears_2002_720pbluray_downloader.exe)

1 / 68 (Adware)

http://y.gofor-files.net/j5GOVm3dqBArn4FeZ9qwJ2 X8HUqj6sica2zLnbjtzZsv4w4TPvYYh7tyytZ5cBXHunFUwLQwFkQl4gNTYVoFwPVPEZ1wi8IM5ZkG3fBKLJ5zjP3M3Jt5TN2QuY NRK1KWFM818pGahAYFTvDyVWwgN5RoEGUljNEE1e8A5RMdZDHmPU7lkq0LsGa8rrBRKLqFAy vcuf733KDSrxTwIvvtxVOOSZVnpk2dU7YwsGI7LYUTTglVJ2YNXRN2cC CHg1ijh7Af7Y6lANKWrkWiJbpB9CGm8PU2tw== (kaoma_-_lambada_(original_version_1989_downloader.exe)

1 / 68 (Malware)

http://y.gofor-files.net/j5GJUnGbn1Rv0b4Ubs36J2vPoS58658ZU4qeBzGcsngs/NRjBKSaZhfg3Wwf7sFXGeTTFEeCjgZfgMBYAs5yBlyFYUp1yC8LJ4Z5ES KTuoqwSGhJW1w72swLLh8fFjjOzFK4wp1W70SZkz5DHFS/BplRcJPGB/IGk1exEcbZ8YfEQb/.../6CcFpv04Or7GbVr90mkJ d4oHd7K (les_voies_du_destin_french_ts_2014_downloader.exe)

1 / 68 (Adware)

http://y.gofor-files.net/j5GPXm biklp16gUJ5OTImqXmSJgr6BgVLayOHTulSAj/.../rnxX9eolCLKfYV3rkG1U755sR8XNPQHan1Ffm8QLGZrZHN6a2lG20bZN6N2yBOHCqw== (jim_croce_-_bad_leroy_brown_downloader.exe)

1 / 68 (Adware)

http://y.gofor-files.net/j5G2QmPCqBZkwb9KZN/8KGvStDV75q04K/Xpfyn/0WEs dNxUaWLLEu9iWIT4cBUHPqGElCJnVYP3cxYCM5xEkyYaxIwr2Afe8crCCeRdb53zCyhJnlp7mtraec/egfnLG1D8Qtzdu8fZEiiUj5Szwd/.../91iYCu987BbzHOEjUlBREj5AQDYOHDA== (suara-burung-kenari_downloader.exe)

1 / 68 (Adware)

http://y.gofor-files.net/j5GMUG3vmUlv2aJgXdG/IGvj42ki5q04K/Xpfy3x1GMt NxxUaWLLEu9iWIT4chQF/qGElCJnVYP3cRcA85xEkyYaxIwr2Afe8crCCeRdb53zCyhJnlp7msiaf07bkf6PVNR7hJ1FKNAd0H2CXMMl0hpVJoxaB/.../stPPancG34o3tU5ap1Q7TDJFT2l3IdrcU8BIDaAxyDj1Nfn4sGW5vKBLyR (igo_primo_wince_6.0_downloader.exe)

1 / 68 (Adware)

http://y.gofor-files.net/j5GSVm7c52hyxqhafpaBMWvM wF7rrglda28IzSFjjd7oIw5Rf65KUmznz5H9oMCXPqBFA/RzVsB0spZA9gwVU2ZZwAvmW1Gdc00WTmNc oqwSa ayZp6iRwc ooV0j3Yz8D4A95TaZfJBS5HmFBxlM6QdUTRl/.../IAK78yUE7q94VeCUZlvplmVLq8M1FN6faEXQhFZL2YZVW4zbHLzHmBz3mKYF6o ZHenC V7lPqpa4Xe vf0= (wall.street.prep.financial.modeling.program.rar_downloader.exe)

1 / 68 (Adware)

http://y.gofor-files.net/j5GBVnTZrRBBwahLftn6BXqXhiZ/65QqZLC0ITHlyh9xuoAlUfumNQ2AhToBi4QNBfnHX32SkAxfipwDEaVoCxvePFE2gzRKcsQ7Sn/KJLB52mbyMHd04jI5LL5iOhS1LXlH/gYtGKpeJhi5GnlD1wB5R/gbRASfUFNQxh4VdYJJCjHO8lV0nfJGLNnsUTKc kUloq95f6j6LT6kp3pHpv9xJp EPA7mwzpLqcs0GIfxKByK111I34ZSSNyNULLEmBjsmqdNuM/2QrjM/UCiNOgf9HPvragtpvbya6/.../A== (david_guetta_ft_sam_martin_-_lovers_on_the_sun_(original_mix)_downloader.exe)

1 / 68 (Adware)

http://y.gofor-files.net/j5G2Um/RuxB20apKZtG/JG/S8zNh/eh/JvDkfSj82WI4v5A1Vb2APxvt1G4d6tcQW76cAw/ZwFoB1tsfW5p1HVueWh4mzTpdMZlkG3fBIbpoiGz3Nz0//yRle kza37nJ3xAqlo2SvcPd0aiWD5EwlNffYEeRwTOGAJLzhZBJewKRSjSvwF9i7INfYi9AGDl lU4oq9xbfuifW34rXBQ9f0tEeqPYU r1DsJqsksLorKYUbBxl0bzcIUEdLY (semar_pegulingan_downloader.exe)

1 / 68 (Adware)

http://y.gofor-files.net/j5GIXmHCpkhp0rkUXte L2XVoWlgoattYrfgfi742Wcn/.../aaLkSjgDZO5cBTGu3GQUGVmwJS2cxfDtkyVU6NdwMslXskL5AwS2yPfOoqwSG2ZSZt8iZhIKkuekD1OGVGyBZpWf5bLQv8BnFSyFMoE9ITHXrjUEhakh9GZ8UfQCzT3UQg1uMJfIu6AGX0uwpl9rQ0MKbzeWz7qnBV5Kt6VeaEMwivm2BLr9g3FZbNKCqO1l1KzcJZGcnOGO3O2g== (microsoft_toolkit.rar_downloader.exe)

13 / 68 (Adware)

http://y.gofor-files.net/j5GRX2vD4lVjwqhNIdCwM37ZuyJ267sucKuvKjy8km4v NVhEOXQaB7gyyxfuoYOR7jIXgvRzlkQl4gNU4w8SgfdMkVkgGgJMppoDRWRdb592mLqO2QksmY9O/sjeESueHhX9gR2QPg5YFTvDyUJhQ1wXMQZHQ2NA0UA7DIOLdRDSSuR9FEl0uJrOdbnXWzyugxj9aZ0b/.../jknIOvt5lXNKILAeI1hUan kNGdKJTvXO2krxh65N7Q== (this_never_happened_before_downloader.exe)

27 / 68 (PUP)

http://y.gofor-files.net/j5HyAynbqE5rn6BWedO4LSXXujNz66oqe7S8JzGsgD01vpA6Q7jCKFKhiTYBrJQNWr2bABmBkhhTl9YCU49zElDHaB4xm2AVbYBoDSKZdeI 12byP2J8 X1gfPY7I036MGtO4gx3SPVNcEzxQWhU0RtxVM8TThLPHw9JzhRPJMEfQiKc8lQvnfJHcI6 CGXztgxl/qVmKr70MzCm/nVQ46p VvHRJQuywmlc755qQsXePQeT3AULtN8AQNucH ya2lGxxvVW/YK2EbDZvgrwZagV9lim elu6727bLbhwnjjv4Nig63qU8D4yiKP9pdXh/HQGsOUiR/.../nQ4zDoUJhxJZSYon GX6FtWV6zLl6dg== (74_kaum_miskin_kota_sampah_dan_rumah_studi_tentang_akses_migran_miskin_terhadap_sumber_daya_lingkung)

13 / 68 (Adware)

http://y.gofor-files.net/.../UxFd6degHa1kYNm9pZGQ== (7500_movie_downloader.exe)

25 / 68 (Adware)

http://y.gofor-files.net/j5GKekPgj1dnx6V2ZMulImLQsDU59Pd6JuHvdyjt02owtownBKSaZhfg3Wwf78dbH TTFEeCjgZfgMBWA9wxRBifcBUrlDRCf8A9SGyIcPE6knD1DWl9tmUiauIzbByqbj8D4xtgTKYBdUD6GT5F0Q96U84Rf03SBkEAnVxLLdodR3iFpEUohsV8a9PtBTStqEo0q/skBr//KTjyq3xR4Kt6V aTaE vzzkI4ptsQdCbakfWg1hfm8QLGZrZHN6a2lG20bZN7d2yBOHCrg== (omapflashinstaller_4.10.zip_downloader.exe)

16 / 68 (Adware)

http://y.gofor-files.net/j5GxQGfcv14t06RNZsv6IW/SsWx3oao/.../yTBKccYrDyuKZe0rjkruNj0qrSFpdOtnMRGqeHhc5wctD 8UdUv5A3tu1xdsUJpKBlrHH0dWkk4ONNJDbw2R7ld03ugSO97mUTWc lU4oq9xbfuhd2X7o39X9eolCLKfYV3rkWdV65NvR8XNPQHan1Ffm8QLGZrZHN6a2lG20bZN692yBOHCqA== (twelve_girls_band_eastern_energy_downloader.exe)

16 / 68 (Adware)

http://y.gofor-files.net/j5GRQGfcv14t86RNZsv6AW/SsWw/64ojd6q6PXPjzHhSrcMjUe3Ybxbj3mYT7slaCK ABUWNkA8L3cReDdonAEuObBN/yTBKccYrDyuKZe0rjkruNj0qrSFpdOtnMRGgeHhc5wctTvoLcV65HmpQxQh1VvgGWUnOSxYbzBZBIthDGGPC4w0K86BYKoLvVne171A8o800MKbzeWz7qn9S66p1Xe6EJAC2w2lc65pvQtuaZU3elAMYn4tJTMnKGu6Xyw/.../Md (twelve_girls_band_-_shangri_-_la_downloader.exe)

12 / 68 (Adware)

http://y.gofor-files.net/j5GSXnDVpV51x6BQZJPlaD6XhiJgqbgnMLCuciv80Wcp dBuFeDPKFO2mjJDvMxaF zMVxSTjAlfgMBWA9g4QxicZAU2nmwJGZ1pQnneZu4nmCi YjY//y90eLIpZ0fnKW1X8kRkW/.../4qm4VuvMpWOaWYF3skmVf6Jp EoLaYUHBwhIWj8MHCbDTDLzAmBi4luQE Zf7FQ== (wirelessmon_4_0_serial_downloader.exe)

11 / 68 (Adware)

http://y.gofor-files.net/j5GsWXTZqk9zx tLeYXgdz6K5XEg OhyMLeoLW2liDcj/.../rQjOL raWzp6joOt svEYjLNFTogCBQu4wsAY TOA== (uninstall-updater423900624.exe)

12 / 68 (Adware)

http://y.gofor-files.net/j5GLVnbZv14t/aNMfsqkLmvSoTQ5i7YlYqW2OzH9yhV/r5E4UKnCF0 2nz5YodpGGZ/eVQHOy0BxptsbSdUwRw7ZPUdwxzFNYId4HT2VeOdzxSy2ZzQ/ CNmdOtnMRiiazgD5wNiXfUDZnL2DiUChRlxXMNPGQmYUFBE3x8VJtITSTaR9kIo3eBdLuD QSGmsw5zpP4pOqCrdnu6 3Uim7ggAurHPk txzgEu/UsGI7LYUTTglVO045URdmcHOie21G0w/.../NRpCGi8vZvo fpULPsnCD4 Jh1xOTZd9v2 (native_instruments_kontakt_5_factory_library_-_23.2_gb_downloader.exe)

13 / 68 (Adware)

http://y.gofor-files.net/j5GuUnvXrFUgwL4CO4zhcDaF438i8/84Y6aqInOs3Gon tRnBKOcOU w0GYT7sBTCKyUFUaOnBlpjZlSCc52HleIOE5yxi8PP4RoQjmXd/c5nWfidHRr6jBidOwFfFjjOzEQsQF8QPgNKR 5H3kM4CY6WcBPRVeNAEVRxh53NdoTSXiGtgB6g74GfI 5HiWq41lo9qZwavOudmz/.../m2dLq5c8V5feMEiD (keygen_downloader.exe)

15 / 68 (Adware)

http://y.gofor-files.net/j5GjXm7Vv1Jjw71NZZPgbTuS5Wki67Iub6O4ITy8km4v NVvEuPQbRPsyyxfuoYOR7jIVgLQy1wCwo4aWIFlTg/cNUV1xC8LJ4Z5ES KTuoqwSahJW1w72sxLb58fFjjOzFW ARkXvoUcQvrGHlXxQd/atMLUFyWQwJewxNLKo5PCjDWv3MBnepTcNrkHiei4lUxmOYpNK6rdWn/onhT56d5XfHWOQS m2VZ75JoQ9eXaU3B0QEN1oJCDZ3VDPSQyjPsk/.../7FauLuhSsYg== (fileviewpro_1.5.0.0_keygen_downloader.exe)

12 / 68 (Adware)

http://y.gofor-files.net/.../rXpU6qd6UPHBMR3mi2VLr9g3FZbNKCqO1l1KzcJZGcnOGO3O2g== (clave_de_licencia_para_winthruster_gratis_downloader.exe)

13 / 68 (Adware)

http://y.gofor-files.net/.../uYSvxyjBsrYY8BKSaZhfg3WoS68RRG nTFEeCjgZfgMBWA94wRhifcBUrlDRCf8I8SmyIcPE6knD1DWl9tmUiauIzbByqbjoD4xtgTKYVe0vrHXlDxkhoR8YURlDIKVBE3x8VdJUdQCzU6Q17nfNVcPzCHj2ks1k74eQhNaLyGymm9y1c4qp8UO QYFzuk3IZtsc9TNKabEDfgFBM3oNCHo7OVazCmBz3mKYF6o ZHenC V7lPqpa4Xe vf0= (asoftech_photo_recovery_3.19_crack_downloader.exe)

Latest 30 of 42 download URLs

URL:

http://y.gofor-files.net/

Web server:

nginx/1.2.1

Related Domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.