home

skinpacks.com

Hamed Soleimani

Domain Information

The domain skinpacks.com registered by Hamed Soleimani was initially registered in September of 2011 through REALTIME REGISTER BV. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in North York, Ontario within Canada which resides on the Yesup Ecommerce Solutions Inc. network.
Registrar:
REALTIME REGISTER BV

Server location:
Ontario, Canada (CA)

Create date:
Sunday, September 4, 2011

Expires date:
Friday, September 4, 2015

Updated date:
Tuesday, August 26, 2014

ASN:
AS22923 YESUP-389 - Yesup Ecommerce Solutions Inc.

Whois:
3 skinpacks.com records

Scanner detections:
Detections  (90% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.SomotoIsrael.FF, PUP.SomotoIsrael.y, PUP.SomotoIsrael.t, PUP.SomotoIsrael.s
90.00%

Clam AntiVirus
Trojan.Agent-267630
70.00%

VIPRE Antivirus
Trojan.Win32.Generic
70.00%

ESET NOD32
Win32/Somoto
70.00%

Panda Antivirus
Adware/MultiToolbar, PUP/MultiToolbar.A
70.00%

Dr.Web
Trojan.MulDrop4.11744
60.00%

K7 AntiVirus
Unwanted-Program , Trojan
50.00%

AhnLab V3 Security
Trojan/Win32.Agent, Win-Adware/Somoto.237016
50.00%

Malwarebytes
PUP.Optional.Somoto.A
50.00%

nProtect
Adware/W32.Agent.239064, Adware/W32.Agent.237016
40.00%

Trend Micro House Call
ADW_TOMOS, TROJ_GEN.F47V0202, TROJ_GEN.F47V0407, TROJ_GEN.F47V0321
40.00%

McAfee
Artemis!A672D5094C80, Artemis!EA72B0C74EE1, Artemis!603452E8CB1B, Artemis!A9E11043E575
40.00%

Sophos
Somoto BetterInstaller
40.00%

F-Prot
W32/Sefnit.C
30.00%

Avira AntiVirus
TR/Sefnit.L, APPL/Somoto.fses
20.00%

The domain skinpacks.com has been seen to resolve to the following IP address.

198.144.158.193
January 23, 2014

File downloads found at URLs served by skinpacks.com.

17 / 68    (Adware)
http://skinpacks.com/.../SkinPack_Auto_UXThemePatcher_3_downloader-0DSrzI4h.exe  (a9e11043e575326444a46a1860d39ac0)

12 / 68    (Adware)
http://skinpacks.com/.../SkinPack-9-win7-ver1_Downloader_downloader-6aC2Kzuo.exe  (603452e8cb1bba3a575a9557660ed006)

11 / 68    (Adware)
http://skinpacks.com/.../SkinPack-9-win7-ver1_Downloader_downloader-e9rQ9ytJ.exe  (f78e91d9c8917b7429e2b786170beed6)

8 / 68      (Adware)
http://skinpacks.com/.../SkinPack-9-win8-ver1_Downloader_downloader-62RVygLB.exe  (6aac15d09259fa3c1ddb4130b19268fe)

12 / 68    (Adware)
http://skinpacks.com/.../SkinPack_Auto_UXThemePatcher_3_downloader-1yijhrPg.exe  (3eddc5cb18c307c0bc69d86eee15c57f)

1 / 68      (Adware)
http://skinpacks.com/.../SkinPack-8-win7-ver1_Downloader_downloader-dMOGIHtu.exe  (b17eae2933dc897ca3d0319da70bb976)

13 / 68    (Adware)
http://skinpacks.com/.../SkinPack-8-win7-ver1_Downloader_downloader-2hH7lE9D.exe  (ea72b0c74ee11d2ae6e8814cf92a0aa4)

2 / 68      (false positives)
http://skinpacks.com/.../SkinPack-Kitkat-win8-ver1_Downloader_downloader-dOXPWFfo.exe  (wrar420.exe)

2 / 68      (false positives)
http://skinpacks.com/.../SkinPack-iOS7-win7-ver2_Downloader_downloader-cUrwKYRp.exe  (wrar420.exe)

18 / 68    (Adware)
http://skinpacks.com/.../SkinPack-Kitkat-win8-ver1_Downloader_downloader-cfcd3SJX.exe  (code_of_honor_the_french_foreign_legion_downloader-a9gnwzel.exe)

1 / 68      (Adware)
http://skinpacks.com/.../SkinPack-Kitkat-win7-ver1_Downloader_downloader-6KebR6jO.exe  (2704d5ccfb2adcd50513c583a2ad667c)

December 2, 2014
www.skinpacks.com

URL:
http://skinpacks.com/

Google Analytics:
UA-35451827

Title:
“Skin Pack”

Description:
“Theme and Transformation Pack”

Web server:
Apache/2 (PHP/5.3.26)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.