s1.hulkload.com

Whois Privacy Protection Service, Inc.  (Proxy Registrant)

Domain Information

The domain s1.hulkload.com is registered by proxy through NAME.COM, INC. and was originally registered in October of 2012. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Nuremberg, Bayern within Germany which resides on the RIPE Network Coordination Centre network.
Remove Malware from s1.hulkload.com - Powered by Reason Core Security
Registrar:
NAME.COM, INC.

Server location:
Bayern, Germany (DE)

Create date:
Monday, October 01, 2012

Expires date:
Sunday, October 01, 2017

Updated date:
Sunday, August 11, 2013

ASN:
AS24940 HETZNER-AS Hetzner Online AG

Root domain:

Scanner detections:
Detections  (57% detected)

Scan engine
Details
Detections

Dr.Web
Adware.Downware.1699, Adware.Downware.1575, Adware.Downware.964, infected with JS.Redirector.153
66.67%

Reason Heuristics
Bundler.PPI.CBSInteractive.o, PUP.Installer.ShetefSolutionsConsulting1998., PUP.Installer.KoyoteLab.S
50.00%

ESET NOD32
Win32/CNETInstaller (variant), Win32/Amonetize.AA (variant)
33.33%

IKARUS anti.virus
not-a-virus:Downloader.Win32.Agent, Trojan.JS.Seedabutor
33.33%

Fortinet FortiGate
Riskware/Amonetize, JS/Redirector.XA!tr
33.33%

McAfee
Artemis!D770A95564A8, Program.HTML/Redirector
33.33%

Trend Micro House Call
TROJ_GEN.F47V1222, TROJ_GEN.F47V0312
33.33%

Comodo Security
ApplicUnwnt, Heur.Suspicious
33.33%

Avira AntiVirus
ADWARE/Adware.Gen2, HTML/DSPark.B
33.33%

McAfee Web Gateway
Artemis!D770A95564A8, HTML/Redirector
33.33%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud), Win32.Troj.Undef.(kcloud)
33.33%

Norman
Killav.NZH, Agent.ALGSM
33.33%

Boost by Reason
Bundler.PPI.CBSInteractive.o
16.67%

Malwarebytes
PUP.Optional.InstallMonetizer
16.67%

VIPRE Antivirus
Amonetize
16.67%

The domain s1.hulkload.com has been seen to resolve to the following IP address.

static.40.41.76.144.clients.your-server.de
December 26, 2013

File downloads found at URLs served by s1.hulkload.com.

14 / 68    (PUP)
http://s1.hulkload.com/files/7/.../Avc 4.rar  (693af78dd6829af52b5d379299bce9cd)

2 / 68
http://s1.hulkload.com/files/5/.../adwcleaner_3.216.exe  (b653dd91d5d6e519d3357a80a15a5dfb)

4 / 68      (PUP)
http://s1.hulkload.com/files/7/.../Dabel_Cleanup-ORG.exe  (cbsidlm-cbsi145-should_i_remove_it-bp-75834044.exe)

14 / 68    (Adware)
http://s1.hulkload.com/files/0/.../Wifi pirater mot de p_e v5 by achraf tycoon.exe  (download videos by ant com download dll__3038_i207517208_il13035716.exe)

3 / 68      (PUP)
http://s1.hulkload.com/files/8/.../fTalkSetup-r0-n-bf.exe  (5d07cecfa1d46efbaba6f4d6823a4a83)

The following file have been seen to comunicate with s1.hulkload.com in live environments.

URL:
http://s1.hulkload.com/

Web server:
Apache

Remove Malware from s1.hulkload.com - Powered by Reason Core Security