download.modhosting.net

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain download.modhosting.net is registered by proxy through ENOM, INC. and was originally registered in August of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
ENOM, INC.

Server location:
Virginia, United States (US)

Create date:
Tuesday, August 13, 2013

Expires date:
Saturday, August 13, 2016

Updated date:
Tuesday, July 14, 2015

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.

Root domain:

Scanner detections:
Detections  (97% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.MaxSetup.J, PUP.Installer.DirectionSoftware.J, PUP.installCore.DirectionSoftware.Installer (M), PUP.installCore.Directio.Installer (M), PUP.installCore (M)
100.00%

Malwarebytes
PUP.Optional.InstallCore, PUP.Optional.Direction, PUP.Optional.InstallCore.A
24.32%

Agnitum Outpost
PUA.InstallCore
24.32%

VIPRE Antivirus
InstallCore.b, Threat.4788237, Threat.4150696
24.32%

Avira AntiVirus
ADWARE/InstallCore.Gen7, PUA/InstallCore.Gen7
24.32%

Sophos
Install Core Click run software, PUA 'Install Core'
24.32%

AVG
MalSign.InstallC, Ransomer
24.32%

ESET NOD32
Win32/InstallCore.MJ (variant), Win32/InstallCore.JE.gen potentially unwanted (variant)
18.92%

G Data
Win32.Application.InstallCore
16.22%

Dr.Web
Adware.InstallCore.133, Trojan.Packed.24524
8.11%

K7 AntiVirus
Unwanted-Program
8.11%

K7 Gateway Antivirus
Unwanted-Program
8.11%

McAfee Web Gateway
BehavesLike.Win32.Trojan.jc, BehavesLike.Win32.CryptInno.jc
8.11%

Antiy Labs AVL
Trojan/Win32.SGeneric
8.11%

Vba32 AntiVirus
Downware.InstallCore
8.11%

The domain download.modhosting.net has been seen to resolve to the following 3 IP addresses.

ec2-54-221-234-56.compute-1.amazonaws.com
September 3, 2014

ec2-23-23-240-198.compute-1.amazonaws.com
September 3, 2014

ec2-54-225-220-83.compute-1.amazonaws.com
February 3, 2014

File downloads found at URLs served by download.modhosting.net.

1 / 68      (Adware)

 
Latest 30 of 42 download URLs