b2-31d2.kxcdn.com

proinity GmbH

Domain Information

The domain b2-31d2.kxcdn.com, registered by proinity GmbH, was first registered in January 2013 through GODADDY.COM, LLC. The domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are located in Providence, Utah, United States, on the Hosting Services, Inc. network.

Registrar:
GODADDY.COM, LLC

Server location:
Utah, United States (US)

Create date:
Wednesday, January 30, 2013

Expires date:
Monday, January 30, 2017

Updated date:
Wednesday, November 19, 2014

ASN:
AS32780 HOSTINGSERVICES-INC - Hosting Services, Inc., US

Root domain:

Scanner detections:
Detections  (55% detected)

Scan engine | Details | Detections
Reason Heuristics | Adware.Amonetize.OpenSource.Installer.Meta (M), Adware.Amonetize.OpenSour.Installer.Meta (M), Threat.Win.Reputation.IMP | 75.00%
ESET NOD32 | Win32/Sality.NBA virus, Win32/BitCoinMiner.BY potentially unsafe application | 25.00%
Dr.Web | Win32.Sector.30, Detection.Undefined | 25.00%
Norman | Win32.Sality.3, Gen:Variant.Application.BitcoinMiner.16, Zum.BitCoinMiner.1 | 25.00%
McAfee | Virus.Artemis!9F29294BD754, Trojan.Artemis!7405414AEFC7 | 16.67%
Kaspersky | Virus.Win32.Sality, not-a-virus:HEUR:RiskTool.Win32.BitCoinMiner | 16.67%
VIPRE Antivirus | Threat.4721115 | 8.33%
avast! | Win32:SaliCode | 8.33%
Microsoft Security Essentials | Threat.Undefined | 8.33%
F-Secure | Win32.Sality.3 | 8.33%
F-Prot | W32/Sality.gen2 | 8.33%
AVG | Win32/Sality | 8.33%
Emsisoft Anti-Malware | Gen:Variant.Application.BitcoinMiner.16 | 8.33%

The domain b2-31d2.kxcdn.com has been seen to resolve to the following 3 IP addresses.

usny01.proinity.net
May 16, 2016

April 12, 2016

hosted-by.Eqserver.com
April 12, 2016

File downloads found at URLs served by b2-31d2.kxcdn.com.

The following 11 files have been seen to communicate with b2-31d2.kxcdn.com in live environments.

URL:
http://b2-31d2.kxcdn.com/

SSL certificate subject:
CN=*.kxcdn.com, OU=PositiveSSL Wildcard, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
keycdn-engine
