» d5.mp3rocket.com
Overview
Analysis
IPs Addresses (4)
Downloads (2)
Website Detail
Related Domains (8)

d5.mp3rocket.com

MP3 Rocket Inc

Domain Information

The domain d5.mp3rocket.com registered by MP3 Rocket Inc was initially registered in June of 2003 through REGIONAL NETWORK INFORMATION CENTER, JSC DBA RU-CENTER. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Montreal, Quebec within Canada which resides on the iWeb Technologies Inc. network.

Registrant:

MP3 Rocket Inc

Registrar:

REGIONAL NETWORK INFORMATION CENTER, JSC DBA RU-CENTER

Server location:

Quebec, Canada (CA)

Create date:

Tuesday, June 10, 2003

Expires date:

Thursday, June 10, 2021

Updated date:

Thursday, February 16, 2012

ASN:

AS32613 IWEB-AS - iWeb Technologies Inc.,CA

Root domain:

mp3rocket.com

Whois:

1 mp3rocket.com record

Scanner detections:

Detections (98% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.MP3Support.J, PUP.MP3Support.O, PUP.Installer.OpenCandy.J, PUP.Installer.MP3Support.J, PUP.Optional.Installer.SCCE, Threat.Installer.SCCE, PUP.installCore.MP3TechSupport.Installer (M), Win32.Generic.SCCE.Installer.Meta

97.92%

ESET NOD32

Win32/Bundled.Toolbar.Ask (variant), Win32/OpenCandy (variant), Win32/InstallCore.PL (variant), Win32/InstallCore.PQ (variant), Win32/OpenCandy.A potentially unsafe (variant), Win32/OpenCandy.E potentially unsafe (variant)

81.25%

Baidu Antivirus

Adware.Win32.InstallCore, Adware.Win32.OpenCandy

68.75%

Dr.Web

Adware.Downware.1417, Adware.OpenCandy.139, Adware.OpenCandy.144, Adware.OpenCandy.163, Adware.OpenCandy.171

66.67%

K7 AntiVirus

Unwanted-Program

64.58%

Zillya! Antivirus

Downloader.Agent.Win32.248040, Downloader.Agent.Win32.260269, Trojan.Kryptik.Win32.805012

60.42%

Trend Micro House Call

TROJ_GEN.F47V1119, HV_ZYX_BG250134.TOMC, Suspicious_GEN.F47V0116, Suspicious_GEN.F47V0413, Suspicious_GEN.F47V0415, Suspicious_GEN.F47V0429

56.25%

McAfee

Artemis!ACC7CAA5F5E5, Artemis!DDC73152F455, Artemis!EF317EE22806, Artemis!B124DE6B6AD1, Artemis!6321344358BB, Artemis!53E805F9835E, Artemis!57972EA1C2B2, Artemis!C1B40E9E46B5, Artemis!D8C15DE6EE7A, Artemis!31D2AE687345

56.25%

Fortinet FortiGate

Riskware/InstallCore, Riskware/OpenCandy

56.25%

VIPRE Antivirus

Opencandy, Trojan.Win32.Generic

56.25%

Sophos

Generic PUA NJ, Generic PUA HF, Generic PUA DD, Generic PUA JB

50.00%

Agnitum Outpost

Riskware.Agent

50.00%

AVG

Generic

47.92%

Bkav FE

W32.HfsAdware

43.75%

Kaspersky

not-a-virus:Downloader.Win32.Agent

43.75%

The domain d5.mp3rocket.com has been seen to resolve to the following 4 IP addresses.

August 30, 2016

February 4, 2016

June 30, 2015

March 28, 2014

File downloads found at URLs served by d5.mp3rocket.com.

20 / 68 (PUP)

http://d5.mp3rocket.com/.../MP3Rocket-Win.exe (mp3rocket.exe)

18 / 68 (Adware)

http://d5.mp3rocket.com/.../mp3rocket.exe (57972ea1c2b2c5196b7a577325ce721c)

URL:

http://d5.mp3rocket.com/

Title:

“MP3 Rocket Download YouTube to mp3 conversion done right”

Description:

“MP3 Rocket is dedicated to collecting the most popular music, videos, and MP3s. The best top music :) Home”

Web server:

Apache/2.4.18 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4

Related Domains

imusicsearch.com

mp3rocket.me

safefiles.com

allmusicdownloads.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.