facecores.com

HugeDomains.com

Domain Information

The domain facecores.com registered by HugeDomains.com was initially registered in February of 2015 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Remove Malware from facecores.com - Powered by Reason Core Security
Registrar:
DROPCATCH.COM 568 LLC

Server location:
Arizona, United States (US)

Create date:
Saturday, February 07, 2015

Expires date:
Tuesday, February 07, 2017

Updated date:
Monday, February 08, 2016

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC

Scanner detections:
Detections  (75% detected)

Scan engine
Details
Detections

Trend Micro House Call
TROJ_GEN.F47V1214, TROJ_GEN.F47V0318, TROJ_GEN.R0CBH07CB14
75.00%

Trend Micro
ADW_CORES, ADW_ADPLUG
75.00%

McAfee Web Gateway
Heuristic.BehavesLike.Win32.Suspicious-PKR.S, Artemis!74A973CB233C, Artemis!BCFA63EF9F40
75.00%

Reason Heuristics
Threat.Win.Reputation.IMP
75.00%

MicroWorld eScan
Trojan.GenericKD.1608312, Adware.Generic.906744
50.00%

nProtect
Trojan.GenericKD.1608312, Trojan-Clicker/W32.PimpMyWindow.1381376
50.00%

McAfee
Artemis!74A973CB233C, Artemis!BCFA63EF9F40
50.00%

avast!
Win32:Dropper-gen [Drp], Win32:PUP-gen [PUP]
50.00%

Bitdefender
Trojan.GenericKD.1608312, Adware.Generic.906744
50.00%

Lavasoft Ad-Aware
Trojan.GenericKD.1608312, Adware.Generic.906744
50.00%

F-Secure
Trojan.GenericKD.1608312, Adware.Generic.906744
50.00%

Kingsoft AntiVirus
Win32.Troj.GenericKD.v.(kcloud), Win32.Troj.PimpMyWindow.j.(kcloud)
50.00%

G Data
Trojan.GenericKD.1608312, Adware.Generic.906744
50.00%

Baidu Antivirus
PUA.Win32.Agent, Adware.Win32.PimpMyWindow
50.00%

Quick Heal
AdWare.PimpMyWindow.g3 (Not a Virus)
50.00%

The domain facecores.com has been seen to resolve to the following 4 IP addresses.

ec2-52-71-117-99.compute-1.amazonaws.com
February 13, 2016

ec2-52-0-96-24.compute-1.amazonaws.com
February 13, 2016

ip-50-63-202-85.ip.secureserver.net
April 30, 2014

March 14, 2014

File downloads found at URLs served by facecores.com.

1 / 68      (Malware)
http://facecores.com/appcolor.exe  (efde239d3129d904382866866731c8c4)

36 / 68    (PUP)
http://facecores.com/.../appcolor.exe  (74a973cb233ccef7c252cc06e466ad68)

34 / 68    (PUP)
http://facecores.com/.../appcolor.exe  (7fb498f6e1e8c2784102fa594ca1ca41)

4 / 68
http://facecores.com/.../appcoresfacebook.exe  (5b3142afa1ad6a3c4d2bba05a71c27b1)

The following 5 files have been seen to comunicate with facecores.com in live environments.

URL:
http://facecores.com/

Google Analytics:
UA-7117339

Title:
“HugeDomains.com - FaceCores.com is for sale (Face Cores)”

Web server:
Microsoft-IIS/8.5 (ASP.NET)

Remove Malware from facecores.com - Powered by Reason Core Security