www.rocketbackups.com

MP3 Rocket Inc

Domain Information

The domain www.rocketbackups.com, registered by MP3 Rocket Inc, was first registered in May 2013 through REGIONAL NETWORK INFORMATION CENTER, JSC DBA RU-CENTER. The domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are located in Montreal, Quebec, Canada, on the iWeb Technologies Inc. network.

Registrar: REGIONAL NETWORK INFORMATION CENTER, JSC DBA RU-CENTER
Server location: Quebec, Canada (CA)
Create date: Friday, May 03, 2013
Expires date: Wednesday, May 03, 2023
Updated date: Monday, May 13, 2013
ASN: AS32613 IWEB-AS - iWeb Technologies Inc.,CA

Root domain:

Scanner detections: 96% detected

Scan engine | Details | Detections
Reason Heuristics | PUP.MP3Support.J, PUP.MP3Support.N, PUP.Optional.Installer.SCCE, PUP.Installer.MP3Support, Threat.Installer.SCCE, PUP.installCore.Installer, PUP.installCore.MP3TechSupport.Installer (M), Win32.Generic.SCCE.Installer.Meta, PUP.OpenCandy.SCCE.Installer.Meta (M), PUP.installCore.MP3TechS.Installer (M) | 83.67%
Dr.Web | Adware.Downware.1417, Adware.OpenCandy.139, Adware.OpenCandy.163, Adware.OpenCandy.171, Win32.Parite.1 | 63.27%
VIPRE Antivirus | Trojan.Win32.Generic, Opencandy, Threat.46248 | 63.27%
AVG | Generic, Win32/Parite | 63.27%
ESET NOD32 | Win32/Bundled.Toolbar.Ask (variant), Win32/InstallCore.PY (variant), Win32/OpenCandy (variant), Win32/Injected (variant), Win32/OpenCandy.E potentially unsafe (variant) | 61.22%
Baidu Antivirus | Adware.Win32.OpenCandy, Adware.Win32.InstallCore | 59.18%
K7 Gateway Antivirus | Unwanted-Program, Trojan | 55.10%
McAfee | Artemis!DD4D58D80482, Artemis!A1462ABB9F46, Artemis!9B554F1BB383, Artemis!0AC6AAF817DB, Artemis!2A6A8EA83A8E, Artemis!EF317EE22806, Artemis!9834C63403AD, Artemis!881710870ED5, Artemis!03401FFC6A8D | 53.06%
Fortinet FortiGate | Riskware/InstallCore, Riskware/OpenCandy | 51.02%
K7 AntiVirus | Unwanted-Program | 51.02%
Zillya! Antivirus | Downloader.Agent.Win32.248040, Downloader.Agent.Win32.260269, Trojan.Kryptik.Win32.805012 | 46.94%
Trend Micro House Call | TROJ_GEN.F47V1119, Suspicious_GEN.F47V0911, TROJ_GEN.F47V0203, Suspicious_GEN.F47V0204, Suspicious_GEN.F47V0129, Suspicious_GEN.F47V0226, Suspicious_GEN.F47V0418 | 44.90%
Kaspersky | not-a-virus:Downloader.Win32.Agent, Virus.Win32.Parite | 42.86%
avast! | Win32:Malware-gen, Win32:Parite | 42.86%
Sophos | Generic PUA NF, Generic PUA BF, Generic PUA OB, Generic PUA JB, Virus 'W32/Parite-A' | 38.78%

The domain www.rocketbackups.com has been seen to resolve to the following 2 IP addresses.

August 27, 2015

April 26, 2014

File downloads found at URLs served by www.rocketbackups.com.

10 / 68 (PUP)
http://www.rocketbackups.com/.../mp3rocket.exe (ef317ee2280617803d15c2043bd0c734)

2 / 68 (PUP)

URL: http://www.rocketbackups.com/
Web server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4