download.modhosting.net

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain download.modhosting.net is registered by proxy through ENOM, INC. and was originally registered in August of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Remove Malware from download.modhosting.net - Powered by Reason Core Security
Registrar:
ENOM, INC.

Server location:
Virginia, United States (US)

Create date:
Tuesday, August 13, 2013

Expires date:
Saturday, August 13, 2016

Updated date:
Tuesday, July 14, 2015

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.

Root domain:

Scanner detections:
Detections  (93% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.MaxSetup.J, PUP.Installer.DirectionSoftware.J, PUP.installCore.DirectionSoftware.Installer (M)
100.00%

Malwarebytes
PUP.Optional.InstallCore, PUP.Optional.Direction, PUP.Optional.InstallCore.A
64.29%

Agnitum Outpost
PUA.InstallCore
64.29%

VIPRE Antivirus
InstallCore.b, Threat.4788237, Threat.4150696
64.29%

Avira AntiVirus
ADWARE/InstallCore.Gen7, PUA/InstallCore.Gen7
64.29%

Sophos
Install Core Click run software, PUA 'Install Core'
64.29%

AVG
MalSign.InstallC, Ransomer
64.29%

ESET NOD32
Win32/InstallCore.MJ (variant), Win32/InstallCore.JE.gen potentially unwanted (variant)
50.00%

G Data
Win32.Application.InstallCore
42.86%

Dr.Web
Adware.InstallCore.133, Trojan.Packed.24524
21.43%

K7 AntiVirus
Unwanted-Program
21.43%

K7 Gateway Antivirus
Unwanted-Program
21.43%

McAfee Web Gateway
BehavesLike.Win32.Trojan.jc, BehavesLike.Win32.CryptInno.jc
21.43%

Antiy Labs AVL
Trojan/Win32.SGeneric
21.43%

Vba32 AntiVirus
Downware.InstallCore
21.43%

The domain download.modhosting.net has been seen to resolve to the following 3 IP addresses.

ec2-54-221-234-56.compute-1.amazonaws.com
September 3, 2014

ec2-23-23-240-198.compute-1.amazonaws.com
September 3, 2014

ec2-54-225-220-83.compute-1.amazonaws.com
February 3, 2014

File downloads found at URLs served by download.modhosting.net.

Remove Malware from download.modhosting.net - Powered by Reason Core Security