home

appads.info

Tuan Hoang

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Phoenix, Arizona within the United States which resides on the SingleHop, Inc. network.
Registrar:
GoDaddy.com, LLC

Server location:
Arizona, United States (US)

ASN:
AS32475 SINGLEHOP-INC - SingleHop,US

Whois:
4 appads.info records

Scanner detections:
Detections  (96% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Systweak.TUNEUPPR.Installer.Meta (L), PUP.Installer.Bundlore, DownloadManager.Bundler.Air Software, PUP.Air Software.AirSoftware.Bundler (M), PUP.Softpulse.PluginUpdate.Bundler (M), PUP.Adknowledge.InstallManager.Installer (M), PUP.Bundlore.Bundler (M), PUP.Air Software.AirSoftw.Bundler (M), PUP.installCore.Compiler.Installer (M), PUP.Adknowledge.InstallM.Installer (M), Threat.Win.Reputation.IMP, PUP.Air Software (M)
100.00%

VIPRE Antivirus
Threat.4150696, Threat.5061940, Threat.4784938, Iminent
42.55%

Dr.Web
Adware.Downware.9711, Trojan.SMSSend.5217, Trojan.SMSSend.5157, Trojan.DownLoader11.36367, Trojan.SMSSend.5417, Trojan.SMSSend.5121
40.43%

avast!
Rootkit-gen [Rtk], Win32:Adware-gen [Adw], Win32:Adware-CAH [PUP], Win32:SoftPulse-AZ [PUP], Win32:Installer-L [PUP], Win32:Adware-BZI [PUP]
40.43%

Malwarebytes
PUP.Optional.Bundlore, PUP.Optional.AirAdInstaller, PUP.Optional.DownloadManager, PUP.Optional.AirInstaller
38.30%

K7 AntiVirus
Unwanted-Program
38.30%

Comodo Security
Application.Win32.Bundlore.D, Application.Win32.AirAdInstaller.B, Application.Win32.AirAdInstaller.A, Application.Win32.AirInstaller.CEBE
38.30%

Avira AntiVirus
APPL/Downloader.Gen8, Adware/AirAdInstaller.aldw.3, ADWARE/Adware.Gen
38.30%

AhnLab V3 Security
PUP/Win32.Bundler, PUP/Win32.AirAdInstaller, PUP/Win32.Installer
38.30%

AVG
Generic, Adware BundleApp, Generic_r
38.30%

Kaspersky
not-a-virus:AdWare.Win32.AirAdInstaller, not-a-virus:AdWare.Win32.SoftPulse
38.30%

Sophos
AirInstaller, PUA 'AirInstaller', PUA 'SoftPulse' (of type Adware)
38.30%

NANO AntiVirus
Riskware.Win32.AirAdInstaller.dafqnz, Riskware.Win32.AirAdInstaller.cwbkcs, Riskware.Win32.AirAdInstaller.deojhu
36.17%

Agnitum Outpost
PUA.AirAdInstaller
36.17%

Vba32 AntiVirus
AdWare.AirAdInstaller, AdWare.AirAdInstaller.ajov
36.17%

The domain appads.info has been seen to resolve to the following 3 IP addresses.

184.154.132.109
chi11.stablehost.com
September 17, 2016

99.198.116.211
phx20.stablehost.com
September 10, 2015

107.170.34.147
appads.info
July 23, 2014

File downloads found at URLs served by appads.info.

1 / 68      (Adware)
http://appads.info//.../rnd  (setup.exe)

1 / 68      (Adware)
http://appads.info/.../rnd?entry=Please Update to Continue&exit=Please Install the Update Before Closing This Page&file=Update.exe&i=eyJ0IjoxNDAxODQxMTMyMTcwMTQzNDc0LCJjIjoiNTM4MzBlZGQ0YThhNDA1OTg4ZjhjZWE2IiwidSI6Ijk2MzhlMjcyIiwiZSI6MC4wMDcsIjEiOiJ2OSAtIHBsZWFzZSB1cGRhdGUgdG8gY29udGludWUgLSBFeGl0In0=&on=&url=appads.info  (f8382d322bde1511850dc4ab22e1cfa2)

1 / 68      (Adware)
http://appads.info/.../rnd?entry=Please Update to Continue&i=eyJ0IjoxNDAxNDIwNzQxOTc5MDEyNjUwLCJjIjoiNTM4MzBlZGQ0YThhNDA1OTg4ZjhjZWE2IiwidSI6IjhhNTc3NmU0IiwiZSI6MC4wMDksIjEiOiJ2NCAtIHBsZWFzZSB1cGRhdGUgdG8gY29udGludWUifQ==&url=appads.info  (setup.exe)

1 / 68      (Adware)
http://appads.info//of/.../  (ea0ba9fbf3be5899ea896854877d33ab)

1 / 68      (Adware)
http://appads.info/.../rnd?entry=Please Update to Continue&i=eyJ0IjoxNDAyMTk0NzgzMjA1MzYyNjA3LCJjIjoiNTM4NDQ5Y2I0YThhNDA1OTg4ZjhjZWE3IiwidSI6ImM4NGY3NGU0IiwiZSI6MC4wMDYsIjEiOiJ2NCAtIHBsZWFzZSB1cGRhdGUgdG8gY29udGludWUifQ==&url=appads.info  (setup.exe)

1 / 68      (Adware)
http://appads.info/.../rnd?entry=Please Update to Continue&exit=Please Install the Update Before Closing This Page&file=Update.exe&i=eyJ0IjoxNDAxODUwMDUxMDMzNDc0OTg0LCJjIjoiNTM4MzBlZGQ0YThhNDA1OTg4ZjhjZWE2IiwidSI6Ijk1ZmU2YThhIiwiZSI6MC4wMDk1LCIxIjoidjkgLSBwbGVhc2UgdXBkYXRlIHRvIGNvbnRpbnVlIC0gRXhpdCJ9&on=&url=appads.info  (d3dfe9b4bc731a7ece3c73a8a8c3ceb2)

1 / 68      (Malware)
http://appads.info//of/.../  (setup.exe)

1 / 68      (Adware)
http://appads.info/.../INT?cn=Vietnam&entry=1&exit=&i=eyJ0IjoxNDA5NjQ4NTMzOTc1NDgyMDc4LCJjIjoiNTNmNTlkNDU0YThhNDA1OTg4ZjhjZWQ4IiwidSI6ImQ3YzYwMWQ1IiwiZSI6MC4wMDAyLCIxIjoidjYtMiJ9&pop=1&url=appads.info  (setup.exe)

1 / 68      (Adware)
http://appads.info//of/.../  (setup.exe)

1 / 68      (Adware)
http://appads.info//of/.../  (setup.exe)

1 / 68      (Adware)
http://appads.info/.../INT?cn=Thailand&entry=&exit=&i=eyJ0IjoxNDA4Njk3NjI5MjU4MDk0OTI2LCJjIjoiNTNmNTlkNDU0YThhNDA1OTg4ZjhjZWQ4IiwidSI6IjU0NjlmYjFiIiwiZSI6MC40LCIxIjoidjE5LTMifQ==&url=appads.info  (setup.exe)

1 / 68      (Adware)
http://appads.info/.../rnd?entry=Please Update to Continue&exit=Please Install the Update Before Closing This Page&file=Update.exe&i=eyJ0IjoxNDAxODAwMzU2Nzg2MDYxOTAyLCJjIjoiNTM4MzBlZGQ0YThhNDA1OTg4ZjhjZWE2IiwidSI6ImYzZTFkYzMyIiwiZSI6MC4wMDcsIjEiOiJ2OSAtIHBsZWFzZSB1cGRhdGUgdG8gY29udGludWUgLSBFeGl0In0=&on=&url=appads.info  (e8abe6a81edbe4b13014b74d5a221144)

1 / 68      (Adware)
http://appads.info/.../INT?cn=Philippines&entry=&exit=&i=eyJ0IjoxNDA4NzY0MjUzNjUyOTI4MzEzLCJjIjoiNTNmNTlkNDU0YThhNDA1OTg4ZjhjZWQ4IiwidSI6ImJmNzMzOGI4IiwiZSI6MC40LCIxIjoidjE5LTMifQ==&url=appads.info  (setup.exe)

1 / 68      (Adware)
http://appads.info/.../rnd?entry=Please Update to Continue&i=eyJ0IjoxNDAxNDc1MDg5NzY5MTEwMzgzLCJjIjoiNTM4ODQ5MGY0YThhNDA1OTg4ZjhjZWIyIiwidSI6IjFmNmJlZmUzIiwiZSI6MC4wMDYsIjEiOiJ2NyAtIHBsZWFzZSB1cGRhdGUgdG8gY29udGludWUifQ==&url=appads.info  (setup.exe)

1 / 68      (Adware)
http://appads.info/.../rnd?entry=Please Update to Continue&exit=Please Install Update Before Closing This Page&i=eyJ0IjoxNDAyMzQyODMxODg2NjEzNDc3LCJjIjoiNTM4NDQ5Y2I0YThhNDA1OTg4ZjhjZWE3IiwidSI6IjQ5OWE2YzFmIiwiZSI6MC4wMDYsIjEiOiJ2NCAtIHBsZWFzZSB1cGRhdGUgdG8gY29udGludWUgLSBleGl0In0=&url=appads.info  (setup.exe)

1 / 68      (Adware)
http://appads.info/.../rnd?entry=Please Update to Continue&exit=Please Install the Update Before Closing This Page&file=Update.exe&i=eyJ0IjoxNDAxODM4ODgzMTgwNDE1ODYxLCJjIjoiNTM4MzBlZGQ0YThhNDA1OTg4ZjhjZWE2IiwidSI6ImQyNWJmMzBmIiwiZSI6MC4wMDcsIjEiOiJ2OSAtIHBsZWFzZSB1cGRhdGUgdG8gY29udGludWUgLSBFeGl0In0=&on=&url=appads.info  (f21a2bcef020add157209eda71a3b50c)

1 / 68      (Adware)
http://appads.info/.../rnd?entry=Please Update to Continue&i=eyJ0IjoxNDAxMjU3MDY1ODE5MDAzMTM2LCJjIjoiNTM4MzBlZGQ0YThhNDA1OTg4ZjhjZWE2IiwidSI6IjAwODY4ZTJjIiwiZSI6MC4wMTQsIjEiOiJ2NSAtIHBsZWFzZSB1cGRhdGUgdG8gY29udGludWUifQ==&url=appads.info  (setup.exe)

1 / 68      (Adware)
http://appads.info/.../INT?cn=Thailand&entry=Please Update to Continue&i=eyJ0IjoxNDA5MjI3MjkwMzAwNjMwMzg0LCJjIjoiNTNmNTlkNDU0YThhNDA1OTg4ZjhjZWQ4IiwidSI6IjE0MGE5ZGM4IiwiZSI6MC4wMDA0LCIxIjoidjE5LTMtZW50cnkifQ==&url=appads.info  (setup.exe)

1 / 68      (Adware)
http://appads.info/.../INT?cn=Thailand&entry=1&exit=&i=eyJ0IjoxNDA5NzQ5MjEyMDQ2ODQ4NDAyLCJjIjoiNTNmNTlkNDU0YThhNDA1OTg4ZjhjZWQ4IiwidSI6ImZmYWRlNTg4IiwiZSI6MC4wMDA0LCIxIjoidjYtMiJ9&pop=1&url=appads.info  (setup.exe)

20 / 68    (Adware)
http://appads.info/.../rnd?entry=Please Update to Continue&i=eyJ0IjoxNDA0NTA1MjI5MjY1ODM2MjU5LCJjIjoiNTM4NDU2Nzk0YThhNDA1OTg4ZjhjZWFjIiwidSI6ImI0MmI2ZWIzIiwiZSI6MC4wMDk4LCIxIjoidjQgLSBwbGVhc2UgdXBkYXRlIHRvIGNvbnRpbnVlIn0=&url=appads.info  (setup.exe)

33 / 68    (Adware)
http://appads.info/.../INT?cn=Malaysia&entry=Please Update to Continue&i=eyJ0IjoxNDA5NDUwNTYxODAyNTc5ODE0LCJjIjoiNTNmNTlkNDU0YThhNDA1OTg4ZjhjZWQ4IiwidSI6IjhlYzU2NjVjIiwiZSI6MC4wMDEsIjEiOiJ2Ni0xLWVudHJ5In0=&url=appads.info  (setup.exe)

36 / 68    (Adware)
http://appads.info//of/.../  (453c939ba4a390e7ae8b410a7097fc76)

36 / 68    (Adware)
http://appads.info//of/.../  (a8fc8469097202fb46ad06362730e258)

36 / 68    (Adware)
http://appads.info//of/.../  (ae6e4b67199906381ccc77ecef838084)

1 / 68      (Adware)
http://appads.info/.../rnd?entry=Please Update to Continue&i=eyJ0IjoxNDAzNTA1OTA4MDcyODI3ODU0LCJjIjoiNTM5OTgwYWU0YThhNDA1OTg4ZjhjZWQwIiwidSI6IjcwOGJkYmU1IiwiZSI6MC4wMDUsIjEiOiJ2NCAtIHBsZWFzZSB1cGRhdGUgdG8gY29udGludWUifQ==&url=appads.info  (setup.exe)

0 / 68
http://appads.info/.../rnd?entry=Please Update to Continue&i=eyJ0IjoxNDAwODc1NjU2MDMwNzE4ODk2LCJjIjoiNTM3MWQ1MjQ0YThhNDA1OTg4ZjhjZTliIiwidSI6IjdiYTIwNTlhIiwiZSI6MC4wMDYyLCIxIjoidjQgLSBwbGVhc2UgdXBkYXRlIHRvIGNvbnRpbnVlIn0=&url=appads.info  (msvcr111.dll)

20 / 68    (Adware)
http://appads.info/.../rnd?entry=Please Update to Continue&i=eyJ0IjoxNDAyODQ3ODY4MDU4ODQzODE1LCJjIjoiNTM5OTgxZmY0YThhNDA1OTg4ZjhjZWQxIiwidSI6IjJlMTAwMjhhIiwiZSI6MC4wMDUsIjEiOiJ2NCAtIHBsZWFzZSB1cGRhdGUgdG8gY29udGludWUifQ==&url=appads.info  (setup.exe)

1 / 68      (PUP)
http://appads.info/.../INT?cn=Thailand&entry=&exit=&i=eyJ0IjoxNDA4NzY2NDMxMjM5MDUzMDU3LCJjIjoiNTNmNTlkNDU0YThhNDA1OTg4ZjhjZWQ4IiwidSI6ImIzNzQ1ZDhjIiwiZSI6MC40LCIxIjoidjE5LTMifQ==&url=appads.info  (setup.exe)

36 / 68    (Adware)
http://appads.info//of/.../  (fd4189557699504a3203faef0b3a03eb)

36 / 68    (Adware)
http://appads.info/.../rnd?entry=Please Update to Continue&exit=Please Install the Update Before Closing This Page&file=Update.exe&i=eyJ0IjoxNDAxODIzMTM4NTQ5NTE5NDI0LCJjIjoiNTM4MzBlZGQ0YThhNDA1OTg4ZjhjZWE2IiwidSI6ImYwMjc1NGNhIiwiZSI6MC4wMDcsIjEiOiJ2OSAtIHBsZWFzZSB1cGRhdGUgdG8gY29udGludWUgLSBFeGl0In0=&on=&url=appads.info  (b0973a081c6b973ad590f430d5f7bc19)

 
Latest 30 of 63 download URLs

The following 2 files have been seen to comunicate with appads.info in live environments.

TCP » 184.154.132.109:80
online-guardian-v2.0.9.exe

TCP » 99.198.116.211:80
online-guardian-v2.0.9.exe

TCP » 184.154.132.109:80
UCBrowser.exe (UC Browser by UCWeb)

URL:
http://appads.info/

Title:
“App Game Mobile”

dichvumotor.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.