» www.ldelgado.es
Overview
Analysis
IPs Addresses (2)
Downloads (3)
Network (2)
Related Domains (3)

www.ldelgado.es

Domain Information

Server location:

Nord-Pas-De-Calais, France (FR)

ASN:

AS16276 OVH OVH Systems

Root domain:

ldelgado.es

Scanner detections:

Detections (67% detected)

Scan engine

Details

Detections

Reason Heuristics

Bundler.PPI.Softonic.W, PUP.Somoto.Bundler (M)

100.00%

McAfee

Artemis!FCF2BC01EA15

50.00%

Malwarebytes

PUP.Optional.Softonic.A

50.00%

K7 AntiVirus

Trojan

50.00%

Trend Micro House Call

TROJ_GEN.F47V1130

50.00%

Agnitum Outpost

PUA.Softonic

50.00%

Dr.Web

Adware.Downware.1657

50.00%

VIPRE Antivirus

Softonic Downloader

50.00%

Emsisoft Anti-Malware

Gen:Variant.Patched

50.00%

ESET NOD32

Win32/SoftonicDownloader (variant)

50.00%

Rising Antivirus

PE:Malware.Obscure/Heur!1.9E03

50.00%

The domain www.ldelgado.es has been seen to resolve to the following 2 IP addresses.

37.59.123.135

135.ip-37-59-123.eu

May 25, 2016

87.98.231.87

cluster014.ovh.net

February 7, 2014

File downloads found at URLs served by www.ldelgado.es.

1 / 68 (Adware)

http://www.ldelgado.es/aplicaciones/.../WIFIAuditor_Setup.exe (wifi-auditor.exe)

11 / 68 (PUP)

http://www.ldelgado.es/aplicaciones/.../WIFIAuditor_Setup.exe (wifiauditor_downloader.exe)

0 / 68

http://www.ldelgado.es/aplicaciones/.../JarFIX.exe (562ffc6d21fb467401754301a8d826ee)

The following 2 files have been seen to comunicate with www.ldelgado.es in live environments.

TCP » 87.98.231.87:80

rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 87.98.231.87:80

rlvknlg.exe (Relevant-Knowledge by TMRG)

Related Domains

jasc-desarrollo.com

milpartituras.com

queiptengo.es

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.