atstools.net

Inbound Call Experts

Domain Information

The domain atstools.net registered by Inbound Call Experts was initially registered in September of 2013 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Las Vegas, Nevada within the United States which resides on the Qwest Communications Company, LLC network.
Registrar:
GODADDY.COM, LLC

Server location:
Nevada, United States (US)

Create date:
Thursday, September 26, 2013

Expires date:
Monday, September 26, 2016

Updated date:
Sunday, September 27, 2015

ASN:
AS209 ASN-QWEST-US NOVARTIS-DMZ-US

Scanner detections:
Detections  (67% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.ADVANCEDTECHSUPPORTCO.H, PUP.Optional.ADVANCEDTECHSUPPORTCO.P, PUP.Optional.ADVANCEDTECHSUPPORTCO.D
80.00%

CMC Antivirus
Trojan.Win32.Generic!O
30.00%

Trend Micro House Call
TROJ_GEN.F47V1021, TROJ_GEN.F47V1115, Suspicious_GEN.F47V0709
30.00%

Commtouch SDK
W32/GenBl.98D8D6A3!Olympus
10.00%

F-Prot
W32/Undefined.Threat
10.00%

Rising Antivirus
AU3SCRIPT:Malware.Banker!1.9DF6
10.00%

Dr.Web
Threat.Undefined
10.00%

McAfee
Artemis!005B813E219D
10.00%

Clam AntiVirus
Win.Trojan.Autoit-1372
10.00%

Kaspersky
not-a-virus:RemoteAdmin.Win32.Autoit
10.00%

NANO AntiVirus
Riskware.Win32.RemoteAdmin.zfqwn
10.00%

McAfee Web Gateway
Artemis!005B813E219D
10.00%

Antiy Labs AVL
Trojan/Win32.Tgenic
10.00%

Jiangmin
TrojanDownloader.Genome.akmm
10.00%

The domain atstools.net has been seen to resolve to the following 3 IP addresses.

63-156-143-204.dia.static.qwest.net
August 21, 2016

50-202-229-71-static.hfc.comcastbusiness.net
August 13, 2015

63-156-143-214.dia.static.qwest.net
February 12, 2014

File downloads found at URLs served by atstools.net.

1 / 68      (PUP)
http://atstools.net/.../advancedtoolkit.exe  (d83a11b27fe72ce926724a60f27a61b2)

1 / 68
http://atstools.net/TK/.../avgtool64.exe  (avg_remover_stf_x64_2013_2706.exe)

0 / 68
http://atstools.net/TK/.../vcredist_x86.exe  (b936f0f378b9a35489353e878154e899)

1 / 68      (PUP)
http://atstools.net/.../save_pw.exe  (8c7bf8e92baf0941f06418bdc737ff21)

5 / 68      (PUP)
http://atstools.net/.../advancedtoolkit.exe  (c2501224c8fdccce3fdd217e5038de7f)

2 / 68      (PUP)
http://atstools.net/.../advancedtoolkit.exe  (a02dd086936045555d21ffba9680a8e5)

1 / 68      (PUP)
http://atstools.net/.../advancedtoolkit.exe  (c1c8b51f50fb6c96478b9f4a90a1875b)

1 / 68      (PUP)
http://atstools.net/.../save_pw.exe  (0cc1e5ad224af2572522451a085c328f)

1 / 68      (PUP)
http://atstools.net/.../save_pw.exe  (c01e27fcd7f38037cffa542bdafdfeed)

9 / 68      (PUP)
http://atstools.net/AEC.exe  (005b813e219dc66bce43469b24ee21d5)

3 / 68      (inconclusive)
http://atstools.net/AEC.exe  (98d8d6a356de055b58ae0f177de7a2fb)

October 9, 2014

URL:
http://atstools.net/

Web server:
Apache/2.4.4 (Win32) OpenSSL/0.9.8y PHP/5.4.16 (PHP/5.4.16)