facecores.com

HugeDomains.com

Domain Information

The domain facecores.com registered by HugeDomains.com was initially registered in February of 2015 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Registrar:
DROPCATCH.COM 568 LLC

Server location:
Arizona, United States (US)

Create date:
Saturday, February 07, 2015

Expires date:
Tuesday, February 07, 2017

Updated date:
Monday, February 08, 2016

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC

Scanner detections:
Detections  (88% detected)

Scan engine
Details
Detections

Trend Micro
ADW_CORES, ADW_ADPLUG, ADW_POPUP
75.00%

McAfee Web Gateway
Heuristic.BehavesLike.Win32.Suspicious-PKR.S, Artemis!74A973CB233C, Artemis!BCFA63EF9F40
75.00%

avast!
Win32:Dropper-gen [Drp], Win32:PUP-gen [PUP], Win32:Malware-gen
75.00%

Trend Micro House Call
TROJ_GEN.F47V1214, TROJ_GEN.F47V0318, TROJ_GEN.R0CBH07CB14, ADW_ADPLUG
62.50%

MicroWorld eScan
Trojan.GenericKD.1608312, Adware.Generic.906744, Trojan.GenericKD.1613141, Gen:Variant.Strictor.54938
62.50%

McAfee
Artemis!74A973CB233C, Artemis!BCFA63EF9F40, Artemis!3A0E111294E9
62.50%

Bitdefender
Trojan.GenericKD.1608312, Adware.Generic.906744, Trojan.GenericKD.1613141, Gen:Variant.Strictor.54938
62.50%

Lavasoft Ad-Aware
Trojan.GenericKD.1608312, Adware.Generic.906744, Trojan.GenericKD.1613141, Gen:Variant.Strictor.54938
62.50%

F-Secure
Trojan.GenericKD.1608312, Adware.Generic.906744, Trojan.GenericKD.1613141, Gen:Variant.Strictor.54938
62.50%

G Data
Trojan.GenericKD.1608312, Adware.Generic.906744, Trojan.GenericKD.1613141, Gen:Variant.Strictor.54938
62.50%

Reason Heuristics
Threat.Win.Reputation.IMP
62.50%

Malwarebytes
Adware.PimpMyWindow
62.50%

VIPRE Antivirus
Adware.Win32.PimpMyWindow, Trojan.Win32.Generic
62.50%

ESET NOD32
Win32/CoresParaSite, Win32/CoresParaSite (variant)
62.50%

AVG
Generic5, Generic_c
62.50%

The domain facecores.com has been seen to resolve to the following 17 IP addresses.

ec2-52-206-43-234.compute-1.amazonaws.com
August 18, 2016

ec2-52-4-72-137.compute-1.amazonaws.com
August 18, 2016

ec2-107-23-198-240.compute-1.amazonaws.com
August 18, 2016

ec2-54-236-123-224.compute-1.amazonaws.com
August 18, 2016

ec2-54-210-33-190.compute-1.amazonaws.com
August 18, 2016

ec2-54-172-219-65.compute-1.amazonaws.com
May 25, 2016

ec2-52-20-195-18.compute-1.amazonaws.com
May 25, 2016

ec2-52-20-104-240.compute-1.amazonaws.com
May 20, 2016

ec2-107-23-195-178.compute-1.amazonaws.com
May 20, 2016

ec2-54-152-144-243.compute-1.amazonaws.com
April 16, 2016

ec2-52-200-243-123.compute-1.amazonaws.com
April 16, 2016

ec2-107-23-42-50.compute-1.amazonaws.com
February 26, 2016

ec2-52-73-136-140.compute-1.amazonaws.com
February 26, 2016

ec2-52-71-117-99.compute-1.amazonaws.com
February 13, 2016

ec2-52-0-96-24.compute-1.amazonaws.com
February 13, 2016

ip-50-63-202-85.ip.secureserver.net
April 30, 2014

March 14, 2014

File downloads found at URLs served by facecores.com.

2 / 68      (PUP)
http://facecores.com/.../appcoresfacebook.exe  (ca001f5157f6a9eb2d8357302af35a8d)

34 / 68    (PUP)
http://facecores.com/.../appcolor.exe  (bcfa63ef9f40db9facfb8aa526164a6e)

35 / 68    (PUP)
http://facecores.com/.../appcolor.exe  (69538696f61786e98a45683199fbc474)

14 / 68    (PUP)
http://facecores.com/.../appcoresfacebook.exe  (3a0e111294e9f49a56b98cb68dac16f5)

1 / 68      (Malware)
http://facecores.com/appcolor.exe  (efde239d3129d904382866866731c8c4)

36 / 68    (PUP)
http://facecores.com/.../appcolor.exe  (74a973cb233ccef7c252cc06e466ad68)

34 / 68    (PUP)
http://facecores.com/.../appcolor.exe  (7fb498f6e1e8c2784102fa594ca1ca41)

4 / 68
http://facecores.com/.../appcoresfacebook.exe  (5b3142afa1ad6a3c4d2bba05a71c27b1)

The following 50 files have been seen to comunicate with facecores.com in live environments.

 
Latest 20 of 53 files

February 26, 2016

URL:
http://facecores.com/

Google Analytics:
UA-7117339

Title:
“HugeDomains.com - FaceCores.com is for sale (Face Cores)”

Web server:
Microsoft-IIS/8.5 (ASP.NET)

30 of 50 related domains