aresmod.com

Only contact by email, all postal mail will be rejected  (Proxy Registrant)

Domain Information

The domain aresmod.com is registered by proxy through SOLUCIONES CORPORATIVAS IP, SL and was originally registered in November of 2009. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Madrid, Madrid within Spain which resides on the RIPE Network Coordination Centre network.
Registrar:
SOLUCIONES CORPORATIVAS IP, SL

Server location:
Madrid, Spain (ES)

Create date:
Thursday, November 26, 2009

Expires date:
Saturday, November 26, 2016

Updated date:
Wednesday, October 21, 2015

ASN:
AS45037 HISPAWEB-NETWORK Propelin Consulting S.L.U.,ES

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.OnekitInternetSL.K, PUP.100BlogsSL.W, PUP.Installer.OnekitInternetSL, PUP.OnekitInternet.OnekitInternetSL.Bundler (M), PUP.Vittalia.MetaInstaller (M), PUP.Vittalia.MetaInst.Bundler (M)
100.00%

VIPRE Antivirus
Onekit Installer, Threat.4782551
50.00%

Malwarebytes
PUP.Optional.Onekit.A, PUP.Optional.InstallCore
37.50%

Trend Micro House Call
TROJ_GEN.F47V1016, Suspici.33CA0397
25.00%

ESET NOD32
Win32/Injected.F trojan
12.50%

McAfee
CryptInno
12.50%

K7 AntiVirus
Unwanted-Program
12.50%

K7 Gateway Antivirus
Unwanted-Program
12.50%

McAfee Web Gateway
CryptInno
12.50%

Sophos
Install Core Click run software
12.50%

G Data
Win32.Application.InstallCore
12.50%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
12.50%

ESET NOD32
Win32/ToolkitOffers (variant)
12.50%

IKARUS anti.virus
AdWare.Win32.ToolkitOffers
12.50%

AVG
MalSign.Skodna.Bundle.bb4
12.50%

The domain aresmod.com has been seen to resolve to the following 4 IP addresses.

March 2, 2016

March 2, 2016

rack24u28.hispaweb.net
July 1, 2015

onekit.com
January 19, 2014

File downloads found at URLs served by aresmod.com.

1 / 68      (Adware)
http://aresmod.com/.../AresMod_ST.exe  (3ab455b33ea2849af47b521b681a31a9)

3 / 68      (Adware)
http://aresmod.com/.../AresMod_ML.exe  (b7320c5e836eca5329fdfd62f9ce0b2b)

1 / 68      (Adware)
http://aresmod.com/.../AresMod_ML.exe  (installer_ares_english.exe)

1 / 68      (Adware)
http://aresmod.com/.../AresMod_ML.exe  (installer_ares_english.exe)

1 / 68      (Adware)
http://aresmod.com/.../AresMod_ML.exe  (installer_ares_english.exe)

5 / 68      (Adware)
http://aresmod.com/.../AresMod_ST.exe  (cf4d91ee56daa7194b3ad34983f3b62d)

12 / 68    (Adware)
http://aresmod.com/.../AresMod_ML.exe  (installer_ares_english.exe)

4 / 68      (Adware)
http://aresmod.com/.../AresMod_ST.exe  (0e6d53fee0f2a1a4bd7dcce6a2e27e84)

The following 23 files have been seen to comunicate with aresmod.com in live environments.

 
Latest 20 of 24 files

URL:
http://aresmod.com/

Google Analytics:
UA-63402813

Title:
“Ares Mod”

Description:
“If there are so many options to perform your downloads, why do you stick to the slowest ones? Download Ares Mod and see what speed is all about!”

Web server:
nginx/1.4.6 (Ubuntu) (PHP/5.5.9-1ubuntu4.14)

Facebook:
Shares:  3

Statistics above are for the previous month of November 2017.