home

hqhub.net

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain hqhub.net is registered by proxy through ENOM, INC. and was originally registered in November of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Amsterdam, Noord-Holland within Netherlands which resides on the RIPE Network Coordination Centre network.
Registrar:
ENOM, INC.

Server location:
Noord-Holland, Netherlands (NL)

Create date:
Thursday, November 21, 2013

Expires date:
Monday, November 21, 2016

Updated date:
Tuesday, October 27, 2015

ASN:
AS39572 ADVANCEDHOSTERS-AS ADVANCEDHOSTERS LIMITED

Whois:
2 hqhub.net records

Scanner detections:
Detections  (95% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.Win.Reputation.IMP, PUP.Installer.ITLGROUP.e, PUP.Installer.ITLGROUP.f, PUP.Installer.ITLGROUP.I, PUP.Installer.AMGRUP.r, PUP.Amonetize.ShetefSolutionsConsulting1998.Bundler (M), PUP.Amonetize.ITLGROUP.Bundler (M), PUP.Amonetize.ShetefSo.Bundler (M)
95.45%

AhnLab V3 Security
PUP/Win32.Amonetiz, PUP/Win32.Amonetize
63.64%

ESET NOD32
Win32/Amonetize.AS (variant), Win32/Amonetize.CC (variant), Win32/Amonetize.BP (variant), Win32/Amonetize.CH (variant), Win32/Amonetize.CK (variant)
63.64%

McAfee
PUP-FBM!A300FBB77CCD, Artemis!3F9444058CBF, Artemis!BDE0556AC9BD, Artemis!963A3D811EAB, Artemis!61DE395860CD, Artemis!FF39F2C5F9C1, Artemis!F23EBE58EE48, Artemis!A215709E1BCE
59.09%

Sophos
Amonetize, Generic PUA HK, Generic PUA PF, Generic PUA IH, Generic PUA HH, Generic PUA JL, Generic PUA HM, Generic PUA JG
59.09%

Avira AntiVirus
ADWARE/Adware.Gen2, TR/Rogue.805376.8, ADWARE/Adware.Gen4, Adware/Amonetize.576200.16, Adware/Amonetize.576192.24, Adware/Amonetize.478400.1
54.55%

Fortinet FortiGate
Riskware/Amonetize, Adware/Amonetize
54.55%

NANO AntiVirus
Riskware.Win32.Amonetize.czmevd, Riskware.Win32.Amonetize.djipcz, Riskware.Win32.Amonetize.djmhrz, Riskware.Win32.Amonetize.dkinix
50.00%

Trend Micro House Call
TROJ_GEN.R0CBB01ES14, Suspicious_GEN.F47V1126, Suspicious_GEN.F47V1129, Suspicious_GEN.F47V1215, TROJ_GEN.R047H07LU14, Suspicious_GEN.F47V1230
50.00%

AVG
Generic_r, Adware Generic_r.YL
50.00%

K7 AntiVirus
Trojan , Unwanted-Program
45.45%

avast!
Win32:Amonetize-BJ [PUP], Win32:Malware-gen, Win32:Amonetize-GN [PUP], Win32:Adware-gen [Adw], Win32:Amonetize-FM [PUP]
45.45%

Kaspersky
not-a-virus:HEUR:AdWare.Win32.Amonetize, not-a-virus:AdWare.Win32.Amonetize, not-a-virus:HEUR:AdWare.Win32.Yotoon
45.45%

Dr.Web
Adware.Downware.3925, Trojan.Amonetize.341, Trojan.Adfltnet.70, Adware.Downware.8868, Adware.Downware.8618
36.36%

MicroWorld eScan
Trojan.Generic.11333135, Trojan.GenericKD.1995819, Gen:Variant.Adware.Strictor.68509, Application.Bundler.Amonetize.AO, Gen:Variant.Adware.Graftor.161610, Gen:Variant.Application.Bundler.Amonetize.18
31.82%

The domain hqhub.net has been seen to resolve to the following 2 IP addresses.

46.229.166.162
November 25, 2015

46.229.166.161
November 29, 2014

File downloads found at URLs served by hqhub.net.

5 / 68      (PUP)
http://hqhub.net/download_player.php?a=97603  (dvmediaplayer__6629_i1424015940_il263420.exe)

1 / 68      (Malware)
http://hqhub.net/download_player.php?a=97600  (dvmediaplayer__6701_i1332264937_il113.exe)

17 / 68    (Adware)
http://hqhub.net/download_player.php?a=112570  (00000000)

1 / 68      (inconclusive)
http://hqhub.net/download_player.php?a=97330  (dvmediaplayer_setup.exe)

27 / 68    (PUP)
http://hqhub.net/download_player.php?a=105030  (flashplayer__4369_i729954489_il8.exe)

10 / 68    (Adware)
http://hqhub.net/download_player.php?a=97600&f=1  (heroes and generals hack october 2014 no survey no password__10967_i1436325746_il311680.exe)

11 / 68    (Adware)
http://hqhub.net/download_player.php?a=105570  (file.downloader__9581_il23.exe)

1 / 68      (Adware)
http://hqhub.net/download_player.php?a=97603  (dvmediaplayer__6701_i1409206943_il21.exe)

1 / 68      (Adware)
http://hqhub.net/download_player.php?a=97603  (dvmediaplayer__6701_i1397855421_il32.exe)

1 / 68      (Adware)
http://hqhub.net/download_player.php?a=97603  (dvmediaplayer__6701_i1396460328_il32.exe)

1 / 68      (Adware)
http://hqhub.net/download_player.php?a=97603  (dvmediaplayer__6701_i1417309581_il103.exe)

1 / 68      (Adware)
http://hqhub.net/download_player.php?a=97603  (dvmediaplayer__6701_i1389971022_il197.exe)

26 / 68    (Adware)
http://hqhub.net/download_player.php?a=97603  (00000000)

12 / 68    (Adware)
http://hqhub.net/download_player.php?a=126470  (brazzersporngenerator__5160_i1434478919_il174451.exe)

26 / 68    (Adware)
http://hqhub.net/download_player.php?a=97600&f=1  (microsoftoffice2013proplusx86x64fullserialkey,licensefreedownload__11057_il1437.exe)

19 / 68    (Adware)
http://hqhub.net/download_player.php?a=97603  (dvmediaplayer__6701_i1416370968_il103.exe)

29 / 68    (Adware)
http://hqhub.net/download_player.php?a=97600  (dvmediaplayer__6701_i1330625886_il202.exe)

14 / 68    (Adware)
http://hqhub.net/download_player.php?a=97603  (nitro pro 9.0.7.5 serial key _ crack__7457_il24396_3.exe)

12 / 68    (Adware)
http://hqhub.net/download_player.php?a=97603  (file.downloader__9581_il263.exe)

7 / 68      (Adware)
http://hqhub.net/download_player.php?a=97603  ({blocked}.exe)

11 / 68    (Adware)
http://hqhub.net/download_player.php?a=97603  (poweriso __7227_il63925.exe)

25 / 68    (Adware)
http://hqhub.net/download_player.php?a=121390  (dvmediaplayer__6701_i1413039633_il22.exe)

URL:
http://hqhub.net/

Title:
“HD movies online”

Web server:
nginx/1.2.5 (PHP/5.2.17)

clipdownloader.net

clipskeeper.com

downloadsoundcloud.net

fbmessenger.net

letshare.us

letshareus.com

loadvids.net

morevids.net

videorush.net

mp3gino.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.