home

antivirus1.descargar.es

Domain Information

Server location:
Madrid, Spain (ES)

ASN:
AS45037 HISPAWEB-NETWORK Propelin Consulting S.L.U.,ES

Root domain:
descargar.es

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Vittalia.Bundler (M), PUP.installCore.MaxSetup (M), PUP.Vittalia.FormulaEFTEuropa.Bundler (M), PUP.installCore.WorldSet (M)
100.00%

The domain antivirus1.descargar.es has been seen to resolve to the following 3 IP addresses.

109.70.130.155
155.130.70.109.factoriadigital.com
June 19, 2016

185.47.13.82
February 13, 2016

185.57.173.188
February 13, 2016

File downloads found at URLs served by antivirus1.descargar.es.

1 / 68      (Adware)
http://antivirus1.descargar.es/.../down.php?p=ADCASH&trckid=32203740961401588653  (installer_avg-anti-virus_portuguese.exe)

1 / 68      (Adware)
http://antivirus1.descargar.es/.../down.php?p=ADCASH&trckid=13174284981392116281  (installer_avg-anti-virus_italian.exe)

1 / 68      (Adware)
http://antivirus1.descargar.es/.../down.php?p=ADCASH&trckid=29722350981392498307  (installer_avg-anti-virus_portuguese.exe)

1 / 68      (Adware)
http://antivirus1.descargar.es/down.php?p=ADCASH&trckid=30454358641403406884  (installer_avg-anti-virus_spanish.exe)

1 / 68      (Adware)
http://antivirus1.descargar.es/.../down.php?p=ADCASH&trckid=18335480871401978370  (installer_avg-anti-virus_italian.exe)

1 / 68      (Adware)
http://antivirus1.descargar.es/.../down.php?p=ADCASH&trckid=30115086521392493487  (installer_avg-anti-virus_portuguese.exe)

1 / 68      (Adware)
http://antivirus1.descargar.es/.../down.php?p=ADCASH&trckid=26194783211395748342  (installer_avg-anti-virus_english.exe)

1 / 68      (Adware)
http://antivirus1.descargar.es/.../down.php?p=ADCASH&trckid=26194783211395748342  (installer_avg-anti-virus_english.exe)

1 / 68      (Adware)
http://antivirus1.descargar.es/.../down.php?p=ADCASH&trckid=29718471721403291009  (installer_avg-anti-virus_portuguese.exe)

The following 5 files have been seen to comunicate with antivirus1.descargar.es in live environments.

TCP » 109.70.130.155:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 109.70.130.155:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 109.70.130.155:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 109.70.130.155:80
cyberclient.exe (CyberPlanet by Proyecto Redes)

TCP » 109.70.130.155:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.