mhotspot.com

Sai Krishna MVM

Domain Information

The domain mhotspot.com registered by Sai Krishna MVM was initially registered in June of 2011 through BIGROCK SOLUTIONS LIMITED. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Provo, Utah within the United States which resides on the Unified Layer network.
Registrar:
GODADDY.COM, LLC

Server location:
Utah, United States (US)

Create date:
Saturday, June 4, 2011

Expires date:
Sunday, June 4, 2023

Updated date:
Tuesday, August 18, 2015

ASN:
AS46606 UNIFIEDLAYER-AS-1 - Unified Layer,US

Scanner detections:
Detections  (65% detected)

Scan engine
Details
Detections

ESET NOD32
Win32/OpenCandy.A potentially unsafe application, Win32/Sality.NBA virus, Detection.Undefined, Win32/AutoRun.Delf.LV worm
83.33%

Dr.Web
Adware.OpenCandy.4, Adware.OpenCandy.137, Win32.Sector.30, Threat.Undefined, Trojan.Siggen6.55368, Detection.Undefined, Win32.Runonce.6652
60.00%

Reason Heuristics
PUP.OpenCandy.Installer (L)
53.33%

avast!
Win32:Adware-gen [Adw], Win32:SaliCode, Win32:Sality, Win32:AutoRun-CWJ [Trj], Win32:Kukacka, Win32:Oncer, Win32:Pioneer-C
36.67%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A, Virus:Win32/Sality.AT, Threat.Undefined
33.33%

McAfee
RDN/Generic PUP.x!blq, Artemis!2D32F0EBFA32, Virus.W32/Sality.gen.z, Program.Adware-OpenCandy, Virus.W32/Tainp.a, Virus.W32/Chir.b@MM
30.00%

AVG
OpenCandy, Win32/Sality, Worm/Delf.KKJ, Win32/Chir.B@mm
30.00%

Kaspersky
not-a-virus:AdWare.Win32.OpenCandy, Virus.Win32.Sality, Virus.Win32.Renamer, Email-Worm.Win32.Runouce
30.00%

Norman
Win32.Sality.3, Trojan.Generic.KDV.391478, Win32.Runouce.B@mm, Win32.Floxif.A
30.00%

F-Prot
W32/Sality.gen2, W32/Autorun.ZF, W32/Thecid.B@mm, W32/Floxif.B
26.67%

Sophos
Generic PUA CI, OpenCandy (PUA), PUA 'OpenCandy', Virus 'Mal/Sality-D', Virus 'W32/Renamer-L'
23.33%

Emsisoft Anti-Malware
Win32.Sality, Win32.Runouce.B@mm
23.33%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4150696, Threat.4721115
20.00%

ESET NOD32
Win32/OpenCandy, Win32/OpenCandy.C potentially unsafe (variant)
13.33%

K7 AntiVirus
Trojan , Unwanted-Program , Virus
13.33%

The domain mhotspot.com has been seen to resolve to the following 3 IP addresses.

ec2-54-243-185-251.compute-1.amazonaws.com
May 17, 2016

ec2-54-243-247-173.compute-1.amazonaws.com
May 15, 2016

server.mhotspot.com
September 2, 2014

File downloads found at URLs served by mhotspot.com.

0 / 68
http://mhotspot.com/mHotspot_setup_latest.exe  (75cf88f3fb8dee0071751de4cfa8d9b7)

0 / 68
http://mhotspot.com/.../mHotspot_setup.exe  (7bdc8827fc969865473d2ca61281fcb0)

0 / 68
http://mhotspot.com/.../mHotspot_setup_7.8.3.0.exe  (809c15a09f356b37b2c59ed5cbc0f819)

8 / 68      (PUP)
http://mhotspot.com/.../mHotspot_setup_7.0.0.4.exe  (af5fe6bd69cebcc6794a076699ef3e8d)

3 / 68      (PUP)
http://mhotspot.com/.../mHotspot_setup_7.6.0.0.exe  (c9117b7c9fb3b83e247ad6d383cdc11d)

3 / 68      (PUP)
http://mhotspot.com/.../mHotspot_setup_7.2.0.0.exe  (130899c5abf43a07f8fd68067dbd7f2d)

The following 16 files have been seen to comunicate with mhotspot.com in live environments.

September 2, 2014

URL:
http://mhotspot.com/

Google Analytics:
UA-25004435

Title:
“mHotspot | Turn your Laptop into WiFi Hotspot”

Web server:
Apache

Facebook:
Likes:  839
Shares:  1,635
Comments:  419

Statistics above are for the previous month of November 2024.