home

www.arabloads.net

Ultimateserv.com

Domain Information

The domain www.arabloads.net registered by Ultimateserv.com was initially registered in January of 2014 through PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Roubaix, Nord-Pas-De-Calais within France which resides on the RIPE Network Coordination Centre network.
Registrar:
PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM

Server location:
Nord-Pas-De-Calais, France (FR)

Create date:
Wednesday, January 8, 2014

Expires date:
Sunday, January 8, 2017

Updated date:
Monday, January 4, 2016

ASN:
AS16276 OVH OVH SAS,FR

Root domain:
arabloads.net

Whois:
1 arabloads.net record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.SITEONSPOT.Y, PUP.SITEONSPOT.X, Adware.Somoto.Installer.Meta (M)
100.00%

SUPERAntiSpyware
PUP.Somoto/Variant
50.00%

avast!
Win32:Somoto-P [PUP]
50.00%

Clam AntiVirus
Win.Adware.Somoto
50.00%

Kaspersky
not-a-virus:Downloader.NSIS.Mazel
50.00%

NANO AntiVirus
Riskware.Win32.Downware.digcac
50.00%

Dr.Web
Trojan.Packed.26824
50.00%

VIPRE Antivirus
BetterInstaller, Threat.4783461
50.00%

Avira AntiVirus
APPL/Somoto.hzis
50.00%

AhnLab V3 Security
Win-PUP/Somoto
50.00%

AVG
Generic
50.00%

Trend Micro House Call
Suspicious_GEN.F47V1126
25.00%

McAfee
Artemis!14F33342BCF6
25.00%

Baidu Antivirus
Hacktool.Win32.Mazel
25.00%

Qihoo 360 Security
HEUR/QVM42.0.Malware.Gen
25.00%

The domain www.arabloads.net has been seen to resolve to the following IP address.

5.196.127.161
arabloads.net
March 2, 2016

File downloads found at URLs served by www.arabloads.net.

1 / 68      (PUP)
http://www.arabloads.net/.../S_downloader-I0IPIFswc.exe  (1d031e5cf5d94abe2eb2f88e9ce846ce)

15 / 68    (Adware)
http://www.arabloads.net/.../advphp_downloader-IbIdF7HWw.exe  (02_downloader-qdwr7revu.exe)

1 / 68      (PUP)
http://www.arabloads.net/.../ArabSeed_downloader-I8iNdDnOZ.exe  (d53ddd9be1f4363f19a160586c095da7)

15 / 68    (Adware)
http://www.arabloads.net/.../ALZ_downloader-Q0pXApFfq.exe  (14f33342bcf60a1f814ad5e8ac04354c)

The following file have been seen to comunicate with www.arabloads.net in live environments.

TCP » 5.196.127.161:80
UCBrowser.exe (UC Browser by UCWeb)

URL:
http://www.arabloads.net/

Google Analytics:
UA-35176715

Title:
“ArabLoads | Cloud Storage - Easy way to share your files”

Description:
“ArabLoads | Cloud Storage - Free file upload service”

Web server:
Special Edition By us.com.eg

Facebook:
Likes:  5
Shares:  29
Comments:  11

Statistics are for the previous month.

arabloads.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.