abdl.baijiai.com

DOMAIN WHOIS PROTECTION SERVICE

Domain Information

The domain abdl.baijiai.com, registered by DOMAIN WHOIS PROTECTION SERVICE, was first registered in February 2013 through JIANGSU BANGNING SCIENCE & TECHNOLOGY CO. LTD. The domain is currently known to host various forms of malware. The hosting servers are located in Suqian, Jiangsu, China, on the Asia Pacific Network Information Centre (APNIC) network.

Registrar:
JIANGSU BANGNING SCIENCE & TECHNOLOGY CO. LTD

Server location:
Jiangsu, China (CN)

Create date:
Friday, February 1, 2013

Expires date:
Wednesday, February 1, 2017

Updated date:
Thursday, January 14, 2016

ASN:
AS4837 CHINA169-BACKBONE CNCGROUP China169 Backbone, CN

Root domain:

Google Safe Browsing:
malware

Scanner detections:
Malware distribution  (100% detected)

| Scan engine | Details | Detections |
|---|---|---|
| avast! | Win32:Trojan-gen | 100.00% |
| Bkav FE | W32.eHeur.Downloader | 50.00% |
| MicroWorld eScan | Gen:Variant.Graftor.202342 | 50.00% |
| Quick Heal | RiskWare.Chinbo.A5 | 50.00% |
| McAfee | Artemis!42F3323485F8 | 50.00% |
| Malwarebytes | RiskWare.Chinbo | 50.00% |
| VIPRE Antivirus | Trojan.Win32.Generic | 50.00% |
| K7 AntiVirus | Riskware | 50.00% |
| Arcabit | Trojan.Graftor.D31666 | 50.00% |
| ESET NOD32 | Win32/RiskWare.Chinbo (variant) | 50.00% |
| Bitdefender | Gen:Variant.Graftor.202342 | 50.00% |
| Agnitum Outpost | RiskWare.Chinbo | 50.00% |
| Lavasoft Ad-Aware | Gen:Variant.Graftor.202342 | 50.00% |
| Emsisoft Anti-Malware | Gen:Variant.Graftor.202342 | 50.00% |
| F-Secure | Gen:Variant.Graftor.202342 | 50.00% |

The domain abdl.baijiai.com has been seen to resolve to the following 2 IP addresses.

April 12, 2016

April 12, 2016

File downloads found at URLs served by abdl.baijiai.com.

2 / 68 (Malware)
http://abdl.baijiai.com/.../sevice_833_38289.exe (66cbae13f4623dd3cf8e6e6caa9df65d)

23 / 68 (PUP)
http://abdl.baijiai.com/.../sevice_833_38289.exe (42f3323485f8575cb45e82aaeb0ee308)

URL:
http://abdl.baijiai.com/

Title:
“”

Web server:
Microsoft-IIS/6.0 (ASP.NET)