home

java.descargar.es

Domain Information

Server location:
Madrid, Spain (ES)

ASN:
AS45037 HISPAWEB-NETWORK Propelin Consulting S.L.U.,ES

Root domain:
descargar.es

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.ISfreemium.W, PUP.VittaliaLimited.W, PUP.Installer.Air Software, PUP.Tightrope.Bundler, PUP.installCore.ISfreemium (M), PUP.Vittalia.100Blogs.Bundler (M), PUP.Vittalia.VittaliaInternetSL.Bundler (M), PUP.installCore.ISfreemi (M), PUP.installCore.MaxSetup (M), PUP.Vittalia.Bundler (M), PUP.Vittalia.FormulaE.Bundler (M), PUP.Air Software (M), PUP.installCore (M)
100.00%

VIPRE Antivirus
InstallCore, Threat.4150696, AirInstaller, Threat.4786018
25.00%

K7 AntiVirus
Unwanted-Program
20.83%

Avira AntiVirus
APPL/InstallCore.dff, ADWARE/InstallCore.Gen7, APPL/Downloader.Gen, ADWARE/Adware.Gen
20.83%

Malwarebytes
PUP.Optional.Freemium.A, PUP.Optional.BundleInstaller.A, PUP.Optional.DownloadAssistant, PUP.Optional.DownloadAdmin
20.83%

Sophos
Install Core Click run software, PUA 'AirInstaller', Download Admin
20.83%

Dr.Web
Trojan.Packed.24524, Trojan.Packed.26758, Trojan.Vittalia.4
20.83%

Agnitum Outpost
PUA.InstallCore, Riskware.Agent
16.67%

ESET NOD32
Win32/InstallCore.BY potentially unwanted application, Win32/InstallCore.OP potentially unwanted application, Win32/DownloadAssistant.A potentially unwanted application, Win32/Kryptik.BWJC trojan
16.67%

G Data
Win32.Application.InstallCore, Application.Bundler.FX
12.50%

McAfee
Artemis!B1229B360815, Artemis!47AB23783EA5, Adware-DomaIQ
12.50%

Vba32 AntiVirus
Downware.InstallCore
12.50%

F-Prot
W32/A-42c63c6c, W32/A-6c5f2e7b
12.50%

avast!
Win32:Adware-gen [Adw]
12.50%

NANO AntiVirus
Riskware.Win32.InstallCore.dcuobo, Riskware.Text.Download.dbngbb
12.50%

The domain java.descargar.es has been seen to resolve to the following 7 IP addresses.

109.70.130.155
155.130.70.109.factoriadigital.com
June 3, 2016

185.47.13.82
January 29, 2016

185.57.173.188
January 29, 2016

93.189.36.169
rack24u4.hispaweb.net
May 6, 2015

93.189.35.249
July 7, 2014

93.189.35.248
me.paso.sin.aimb0t.co.cc
January 23, 2014

93.189.35.250
January 23, 2014

File downloads found at URLs served by java.descargar.es.

1 / 68      (Adware)
http://java.descargar.es/down.php?p=ADCASH-13960299401389641560  (installer_java_spanish.exe)

1 / 68      (Adware)
http://java.descargar.es/.../down.php?p=ADCASH-13246216501389540635  (installer_java_french.exe)

1 / 68      (Adware)
http://java.descargar.es/.../down.php?p=ADCASH-30121985201389457054  (installer_java_portuguese.exe)

1 / 68      (Adware)
http://java.descargar.es/down.php  (installer_java_spanish.exe)

1 / 68      (Adware)
http://java.descargar.es/down.php?p=ADCASH-13356195721389555242  (installer_java_spanish.exe)

1 / 68      (Adware)
http://java.descargar.es/.../down.php?p=BR-ADSTERRA&trckid=MTg0fDEyMjF8QlJ8M3wxfHw|d5ad93263d40dd6c953e02c82ce29fa0|4f738650-8c45-11e3-9229-002590f00f96  (installer_java_portuguese.exe)

1 / 68      (Adware)
http://java.descargar.es/.../down.php?p=ADCASH-30965688991388502286  (installer_java_english.exe)

1 / 68      (Adware)
http://java.descargar.es/.../down.php?p=BR-ADSTERRA-MTU3fDY5NXxCUnwzfDF8fA|6eced7b5e540a6d8520d4834ab52ba27  (installer_java_portuguese.exe)

1 / 68      (Adware)
http://java.descargar.es/.../down.php?p=BR-ADSTERRA-MTU3fDY5NXxCUnwzfDF8fGEyVjVkMjl5WkEqUTI5c1pYVERvbTVsWVNCUWNtOTJZWE1nWkdVZ1NXNW1iM0p0dzZGMGFXTmhJQzRnUTBWVFVFVWdLSGQzZHk1amIyNWpkWEp6WldseWIzTmtiMkp5WVhOcGJDNXVaWFFwTG5Ca1pn|6eced7b5e540a6d8520d4834ab52ba27  (installer_java_portuguese.exe)

1 / 68      (Adware)
http://java.descargar.es/.../down.php?p=US-7SEARCH  (installer_java_english.exe)

1 / 68      (Adware)
http://java.descargar.es/.../down.php?p=BR-ADSTERRA-MTU3fDY5NXxCUnwzfDF8fA|6eced7b5e540a6d8520d4834ab52ba27  (installer_java_portuguese.exe)

1 / 68      (Adware)
http://java.descargar.es/.../down.php?p=UK-7SEARCH  (installer_java_english.exe)

1 / 68      (Adware)
http://java.descargar.es/down.php?p=ADCASH-15472146951388612478  (installer_java_spanish.exe)

1 / 68      (Adware)
http://java.descargar.es/down.php  (installer_java_spanish.exe)

1 / 68      (Adware)
http://java.descargar.es/.../down.php?p=UK-7SEARCH&kw=java plugin  (installer_java_english.exe)

1 / 68      (Adware)
http://java.descargar.es/.../down.php?p=ADCASH-31641292571388848169  (installer_java_english.exe)

6 / 68      (PUP)
http://java.descargar.es/.../down.php?p=CA-7SEARCH  (installer_java_english.exe)

1 / 68      (Adware)
http://java.descargar.es/.../down.php?p=ADCASH-31041521751389018363  (installer_java_english.exe)

1 / 68      (Adware)
http://java.descargar.es/down.php?p=ADCASH-426752851388657622  (installer_java_spanish.exe)

10 / 68    (Adware)
http://java.descargar.es/down.php  (installer_java_spanish.exe)

16 / 68    (Adware)
http://java.descargar.es/.../down.php?p=US-7SEARCH&kw=java download  (installer_java_english.exe)

15 / 68    (Adware)
http://java.descargar.es/.../down.php?p=CA-ADSTERRA&trckid=MjUyfDkzOXxDQXwzfDF8fA|87c5e57b5f057010641a2c59059b8082  (installer_java_english.exe)

24 / 68    (Adware)
http://java.descargar.es/.../down.php?p=CA-7SEARCH  (installer_java_english.exe)

25 / 68    (Adware)
http://java.descargar.es/down.php?p=ADCASH-13963545211389963677  (installer_java_spanish.exe)

The following 6 files have been seen to comunicate with java.descargar.es in live environments.

TCP » 109.70.130.155:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 109.70.130.155:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 109.70.130.155:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 109.70.130.155:80
cyberclient.exe (CyberPlanet by Proyecto Redes)

TCP » 109.70.130.155:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 93.189.35.249:80
banaduy.exe (Maskaseft Visual Studio 2010 by Maskaseft)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.