The domain cdn-14b7.kxcdn.com, registered by proinity GmbH, was first registered in January 2013 through GODADDY.COM, LLC. It has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Providence, Utah, United States, on the Hosting Services, Inc. network.
Registrar: GODADDY.COM, LLC
Server location: Utah, United States (US)
Create date: Wednesday, January 30, 2013
Expires date: Monday, January 30, 2017
Updated date: Wednesday, November 19, 2014
ASN: AS32780 HOSTINGSERVICES-INC - Hosting Services, Inc., US
Scanner detections: Detections (96% detected)
Scan engine | Details | Detections
Reason Heuristics | PUP.Amonitize.Installer, PUP.NovogradProektTOV.Installer (M), PUP.RealinvestSOFTTOV.Installer (M), PUP.PromgazstroiProektTOV.Installer (M), PUP.Amonitize.OpenSource.Installer (M), PUP.TheGroup.Installer (M), PUP.BitcoinMiner.UkrainskiTELERadioSystemyTOV.Installer (M), PUP.BitcoinMiner.SEILSOFTTOV.Installer (M), PUP.CPUMiner.ELEKRANSOFT.Installer (M), PUP.CPUMiner.PromgazstroiProektTOV.Installer (M), PUP.CPUMiner.Promgazs.Installer (M), PUP.OffToUp (M), PUP.Amonitize.OpenSour.Installer (M), Adware.Amonetize.OpenSour.Installer.Meta (M) | 71.43%
Baidu Antivirus | Hacktool.Win32.BitCoinMiner, Hacktool.Win64.BitCoinMiner | 44.90%
avast! | Multi:BitCoinMiner-B [PUP], Win32:Malware-gen, Win32:Miner-B [PUP], Win64:Malware-gen, Win32:PUP-gen [PUP], Win64:PUP-gen [PUP] | 42.86%
K7 AntiVirus | Unwanted-Program, Trojan | 36.73%
Emsisoft Anti-Malware | Trojan.GenericKD.2401063, Gen:Variant.Graftor.187607, Gen:Variant.Strictor.87902, Win32.Sality, Gen:Variant.Application.BitcoinMiner.16 | 36.73%
VIPRE Antivirus | Trojan.Win32.Generic, Threat.4741001, RiskTool.Win32.BitCoinMiner (not malicious), Threat.4150696, Threat.4721115 | 34.69%
G Data | Trojan.GenericKD.2401063, Gen:Variant.Graftor.187607, Gen:Variant.Strictor.87902, Win32.Application.Agent.K4Z8M9 | 34.69%
NANO AntiVirus | Riskware.Nsis.BitCoinMiner.dqgttf, Trojan.Win32.Ransom.dtleij | 34.69%
MicroWorld eScan | Trojan.GenericKD.2401063, Gen:Variant.Graftor.187607, Gen:Variant.Strictor.87902 | 32.65%
Bitdefender | Trojan.GenericKD.2401063, Gen:Variant.Graftor.187607, Gen:Variant.Strictor.87902 | 32.65%
Avira AntiVirus | TR/BitCoinMiner.2402816, TR/BitCoinMiner.4518851, TR/BitCoinMiner.2402816.1, TR/BitCoinMiner.2410272, TR/BitCoinMiner.2410280 | 30.61%
F-Secure | Trojan.GenericKD.2401063, Gen:Variant.Graftor.187607, Gen:Variant.Strictor.87902 | 28.57%
Panda Antivirus | Trj/CI.A, Generic Suspicious | 28.57%
Trend Micro House Call | Suspici.41E64941, TROJ_GE.1CDD7B40, TROJ_GE.895B2FA8, Suspici.1AA1EE0D, TROJ_GE.99286339, TROJ_GE.C68A679A, Suspici.34A7C78E | 26.53%
ESET NOD32 | Win32/BitCoinMiner.BY potentially unsafe (variant), Win64/BitCoinMiner.AT potentially unsafe (variant) | 24.49%
The domain cdn-14b7.kxcdn.com has been seen to resolve to the following 3 IP addresses.
usny01.proinity.net | May 16, 2016
hosted-by.Eqserver.com | February 1, 2016
File downloads found at URLs served by cdn-14b7.kxcdn.com.
The following 11 files have been seen to communicate with cdn-14b7.kxcdn.com in live environments.
URL: http://cdn-14b7.kxcdn.com/
SSL certificate subject: CN=*.kxcdn.com, OU=PositiveSSL Wildcard, OU=Domain Control Validated
SSL certificate issuer: CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB
Related Domains