y.gofor-files.net

Whois Privacy Corp.

Domain Information

The domain y.gofor-files.net registered by Whois Privacy Corp. was initially registered in June of 2014 through INTERNET.BS CORP.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Amsterdam, Noord-Holland within Netherlands which resides on the RIPE Network Coordination Centre network.
Registrar:
INTERNET.BS CORP.

Server location:
Noord-Holland, Netherlands (NL)

Create date:
Thursday, June 19, 2014

Expires date:
Friday, June 19, 2015

Updated date:
Thursday, June 19, 2014

ASN:
AS16265 FIBERRING LeaseWeb B.V.,NL

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Startup.RighwayTechnologies.O, PUP.RighwayTechnologies.b, PUP.RighwayTechnologies.a, PUP.RighwayTechnologies.u, PUP.RighwayTechnologies.l, PUP.RighwayTechnologies.m, PUP.RighwayTechnologies.t, PUP.RighwayTechnologies.s, PUP.RighwayTechnologies.AA, PUP.RighwayTechnologies.c, PUP.RighwayTechnologies.q, PUP.RighwayTechnologies.R, PUP.RighwayTechnologies., PUP.RighwayTechnologies.h, PUP.RighwayTechnologies.V, Threat.Win.Reputation.IMP, PUP.RighwayTechnologies.f, PUP.RighwayTechnologies.FF, PUP.Via Advertising.RighwayT.Bundler (M), PUP.Via Advertising (M)
100.00%

Dr.Web
Adware.Downware.4798, Adware.Downware.4798, Adware.Downware.4798
59.52%

VIPRE Antivirus
Threat.4925438, Threat.4150696, Yontoo
59.52%

ESET NOD32
Win32/ExpressDownloader.H potentially unwanted application
59.52%

Malwarebytes
PUP.Optional.GoForFiles.A
59.52%

G Data
Win32.Application.ExpressDownloader
59.52%

AVG
Righway Technologies, Dropper.Generic9
59.52%

avast!
Win32:Rootkit-gen [Rtk], Win32:Adware-gen [Adw], Win32:PUP-gen [PUP]
57.14%

Sophos
Go For Files
57.14%

Agnitum Outpost
Riskware.Agent
54.76%

IKARUS anti.virus
AdWare.Win32.YourFileDownloader, PUA.Win32.ExpressDownloader, PUA.Expressdownloader
45.24%

Qihoo 360 Security
Malware.QVM10.Gen, Malware.QVM06.Gen, Malware.QVM20.Gen
28.57%

K7 AntiVirus
Unwanted-Program
19.05%

herdProtect (fuzzy)
a variant of 432e430a68b5efd27c6e19359fde2924e5885c72, a variant of 49c02eecbaea6e8722616842ba869a67a8453283, a variant of c1d14b264694687ceaa0aba5451bb28a4102b4d7
19.05%

NANO AntiVirus
Trojan.Win32.Generic.dejkoc, Trojan.Win32.Babylon.csuksh
14.29%

The domain y.gofor-files.net has been seen to resolve to the following 3 IP addresses.

hosted-by.leaseweb.com
November 2, 2014

October 9, 2014

July 7, 2014

File downloads found at URLs served by y.gofor-files.net.

13 / 68    (Adware)

12 / 68    (Adware)
http://y.gofor-files.net/.../rXpU6qd6UPHBMR3mi2VLr9g3FZbNKCqO1l1KzcJZGcnOGO3O2g==  (clave_de_licencia_para_winthruster_gratis_downloader.exe)

 
Latest 30 of 42 download URLs

URL:
http://y.gofor-files.net/

Web server:
nginx/1.2.1