» ares.descargar.es
Overview
Analysis
IPs Addresses (6)
Downloads (3)
Network (6)

ares.descargar.es

Domain Information

Server location:

Madrid, Spain (ES)

ASN:

AS45037 HISPAWEB-NETWORK Propelin Consulting S.L.U.,ES

Root domain:

descargar.es

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.InstallCore.Installer (M), PUP.installCore.MaxSetup (M), PUP.installCore.WorldSetup (M), PUP.InstallCore.Bundler (M), PUP.Vittalia.FormulaEFTEuropa.Bundler (M), PUP.InstallCore.FC (M), PUP.InstallCore.AC.Installer (M), PUP.Vittalia.FormulaE.Bundler (M), Adware.Bundler.Dapub.Installer.Meta (M), PUP.Outbrowse.Salyutem.Bundler (M), PUP.Vittalia.Bundler (M), PUP.Tightrope.Zoobam.Bundler (M), PUP.Tightrope.Sanflex.Bundler (M), PUP.installCore.FreeSoft (M), PUP.Air Software.Download.Bundler (M), PUP.Tightrope.Statscom.Bundler (M), PUP.InstallCore.FC.Installer (M), Adware.Bundler (M), Adware.Bundler.Meta (M), PUP.Vittalia (M), PUP.Tightrope (M), PUP.installCore (M)

100.00%

McAfee

Artemis!D6EC0E5DCC9D

2.00%

Malwarebytes

PUP.Optional.InstallCore.A

2.00%

K7 AntiVirus

Unwanted-Program

2.00%

NANO AntiVirus

Riskware.Win32.InstallCore.dimzdi

2.00%

Trend Micro House Call

TROJ_GEN.R0C1C0OLF14

2.00%

Comodo Security

Application.Win32.InstallCore.FJ

2.00%

Dr.Web

Trojan.Packed.28474

2.00%

VIPRE Antivirus

InstallCore

2.00%

Trend Micro

TROJ_GEN.R0C1C0OLF14

2.00%

Sophos

Install Core Click run software

2.00%

F-Prot

W32/A-42c63c6c

2.00%

Avira AntiVirus

ADWARE/InstallCore.Gen7

2.00%

SUPERAntiSpyware

PUP.InstallCore/Variant

2.00%

G Data

Win32.Application.InstallCore

2.00%

The domain ares.descargar.es has been seen to resolve to the following 6 IP addresses.

109.70.130.155

155.130.70.109.factoriadigital.com

June 6, 2016

185.47.13.82

January 30, 2016

185.57.173.188

January 30, 2016

93.189.36.169

rack24u4.hispaweb.net

May 3, 2015

93.189.35.250

August 16, 2014

93.189.35.249

August 16, 2014

File downloads found at URLs served by ares.descargar.es.

1 / 68 (Adware)

http://ares.descargar.es/down.php (installer_ares_spanish.exe)

1 / 68 (Adware)

http://ares.descargar.es/down.php?p= (installer_ares_spanish.exe)

1 / 68 (Adware)

http://ares.descargar.es/down.php?p=ES-7SEARCH&kw=ares descargar (installer_ares_spanish.exe)

The following 6 files have been seen to comunicate with ares.descargar.es in live environments.

TCP » 109.70.130.155:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 109.70.130.155:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 109.70.130.155:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 109.70.130.155:80

cyberclient.exe (CyberPlanet by Proyecto Redes)

TCP » 109.70.130.155:80

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 93.189.35.249:80

banaduy.exe (Maskaseft Visual Studio 2010 by Maskaseft)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.