home

utorrent.descargar.es

Domain Information

Server location:
Madrid, Spain (ES)

ASN:
AS45037 HISPAWEB-NETWORK Propelin Consulting S.L.U.,ES

Root domain:
descargar.es

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.ironSource.Bundler, PUP.Vittalia.FormulaEFTEuropa.Bundler (M), PUP.installCore.WorldSetup (M), PUP.Vittalia.FormulaE.Bundler (M), PUP.Vittalia.Bundler (M), PUP.installCore.WorldSet (M), PUP.InstallCore.AC.Installer (M), PUP.installCore.ISfreemi (M), PUP.InstallCore.AmazingS.Installer (M), PUP.Tightrope.Statscom.Bundler (M), PUP.Air Software.Download.Bundler (M), PUP.OnekitInternet.Bundler (M), PUP.InstallCore.FC.Installer (M), Threat.Win.Reputation.IMP, PUP.Tightrope (M), PUP.InstallCore.AC (M), PUP.installCore (M), PUP.Vittalia (M), PUP.Outbrowse (M)
100.00%

Dr.Web
Trojan.Packed.24524, Trojan.Packed.28474, Trojan.Packed.30531
8.00%

ESET NOD32
Win32/InstallCore.JE.gen potentially unwanted application, Win32/InstallCore.BY potentially unwanted application, Win32/Injected.F trojan
8.00%

McAfee
Artemis!F6314EDD8478, Artemis!55C8C49205EE
4.00%

Malwarebytes
PUP.Optional.BundleInstaller.A, PUP.Optional.InstallCore.A
4.00%

Comodo Security
Application.Win32.Installcore.BB
4.00%

VIPRE Antivirus
InstallCore.b
4.00%

Avira AntiVirus
ADWARE/InstallCore.Gen7, APPL/InstallCore.dff
4.00%

Sophos
Install Core, Install Core Click run software
4.00%

Vba32 AntiVirus
Downware.InstallCore
4.00%

AVG
Trojan horse Ransomer.DBB, Adware InstallCore
4.00%

Qihoo 360 Security
Win32/Virus.Adware.94c, HEUR/Malware.QVM20.Gen
4.00%

Trend Micro House Call
TROJ_GEN.F47V0227, TROJ_GEN.F47V1222
4.00%

Emsisoft Anti-Malware
Gen:Variant.Zusy.68408, Adware.PUQD
4.00%

Fortinet FortiGate
Riskware/InstallCore_JE
4.00%

The domain utorrent.descargar.es has been seen to resolve to the following 8 IP addresses.

109.70.130.155
155.130.70.109.factoriadigital.com
June 2, 2016

185.57.173.188
December 25, 2015

185.47.13.82
July 23, 2015

109.70.129.198
July 23, 2015

93.189.36.169
rack24u4.hispaweb.net
May 3, 2015

93.189.35.249
April 14, 2014

93.189.35.250
January 6, 2014

93.189.35.248
me.paso.sin.aimb0t.co.cc
January 6, 2014

File downloads found at URLs served by utorrent.descargar.es.

1 / 68      (Adware)
http://utorrent.descargar.es/down.php  (installer_utorrent_spanish.exe)

1 / 68      (Adware)
http://utorrent.descargar.es/.../down.php?p=FR-1phads  (installer_utorrent_french.exe)

1 / 68      (Adware)
http://utorrent.descargar.es/down.php?p=  (installer_utorrent_spanish.exe)

1 / 68      (Adware)
http://utorrent.descargar.es/.../download  (installer_utorrent_3_4_1.exe)

1 / 68      (Adware)
http://utorrent.descargar.es/download  (installer_utorrent_3_4_1_spanish.exe)

3 / 68      (PUP)
http://utorrent.descargar.es/.../down.php?p=UK-1phads  (installer_utorrent_english.exe)

1 / 68      (Adware)
http://utorrent.descargar.es/.../down.php?p=CA-1phads  (installer_utorrent_english.exe)

1 / 68      (Adware)
http://utorrent.descargar.es/.../down.php?p=DK-1phads  (installer_utorrent_english.exe)

1 / 68      (Adware)
http://utorrent.descargar.es/.../down.php?p=ADCASH-17770420021389212078  (installer_utorrent_english.exe)

1 / 68      (Adware)
http://utorrent.descargar.es/.../down.php?p=UK-7SEARCH  (installer_utorrent_english.exe)

The following 6 files have been seen to comunicate with utorrent.descargar.es in live environments.

TCP » 109.70.130.155:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 109.70.130.155:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 109.70.130.155:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 109.70.130.155:80
cyberclient.exe (CyberPlanet by Proyecto Redes)

TCP » 109.70.130.155:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 93.189.35.249:80
banaduy.exe (Maskaseft Visual Studio 2010 by Maskaseft)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.