Server location:
Pais Vasco, Spain (ES)
ASN:
AS57910 SCIP-AS Soluciones Corporativas IP, SL,ES
Scanner detections:
Detections (100% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.GeryonAdsSL.Q, PUP.GeryonAdsSL.CC, PUP.Installer.GeryonAds, PUP.SoftInstall.Installer (M), PUP.GeryonAds.Installer (M), PUP.installCore.GeryonAds (M), PUP.installCore.GeryonAds.Installer (M)
95.24%
ESET NOD32
Win32/InstallCore.QH (variant), Win32/InstallCore.QL (variant), Win32/InstallCore.QF (variant), Win32/InstallCore.RD (variant)
66.67%
Baidu Antivirus
Adware.Win32.InstallCore
61.90%
McAfee
Artemis!F55B7494E455, Artemis!7806A2207A41, Artemis!F1BE48EB6A9C, Artemis!72C1117ADBF8, Artemis!61525A6BCCB2, Artemis!C5DCCC89E9C6, Artemis!0936D4EC1A3F, Artemis!4F4F63EE1636, Artemis!F4A9D2711A8B
42.86%
VIPRE Antivirus
InstallCore, Trojan.Win32.Generic
42.86%
Trend Micro House Call
ADW_INSTACORE, Suspicious_GEN.F47V1112, Suspicious_GEN.F47V0913, Suspicious_GEN.F47V1217, TROJ_GEN.R02SC0OJS14, Suspicious_GEN.F47V1115
42.86%
Dr.Web
Trojan.MulDrop5.38104, Trojan.Packed.28933, Trojan.InstallCore.1903
38.10%
Fortinet FortiGate
Riskware/InstallCore
28.57%
Avira AntiVirus
Adware/InstallCore.A.231, ADWARE/InstallCore.Gen9, ADWARE/InstallCore.Gen7
23.81%
K7 AntiVirus
Unwanted-Program , Trojan
23.81%
Trend Micro
ADW_INSTACORE, TROJ_GEN.R02SC0OJS14, TROJ_GEN.R02SC0OJH14
14.29%
Vba32 AntiVirus
Malware-Cryptor.InstallCore.gen
14.29%
Sophos
Generic PUA PN, Install Core Click run software, Generic PUA CJ
14.29%
ESET NOD32
Win32/InstallCore.QL potentially unwanted application, Win32/InstallCore.ADX.gen potentially unwanted application
9.52%
The domain free-download.so has been seen to resolve to the following 3 IP addresses.
www.renewyourexpireddomain.com
April 5, 2016
File downloads found at URLs served by free-download.so.
The following file have been seen to comunicate with free-download.so in live environments.