dl.coin32.com

Digital Pine, LLC

Domain Information

The domain dl.coin32.com, registered by Digital Pine, LLC, was first registered in August 2013 through REGISTRAR OF DOMAIN NAMES REG.RU LLC. The domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are located in Nuremberg, Bayern, Germany, on the RIPE Network Coordination Centre network.

Registrar:
REGISTRAR OF DOMAIN NAMES REG.RU LLC

Server location:
Bayern, Germany (DE)

Create date:
Monday, August 19, 2013

Expires date:
Friday, August 19, 2016

Updated date:
Wednesday, July 15, 2015

ASN:
AS24940 HETZNER-AS Hetzner Online GmbH,DE

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine | Details | Detections
McAfee | Artemis!C8EF4F18BC1A, Artemis!72309AF6CBD7, Artemis!B9D958C7DD4C, Artemis!53B34D5162B5, RDN/Generic.tfr!ep | 62.50%
G Data | Gen:Variant.Strictor.65831, Win32.Application.Zaxar, Gen:Variant.Kazy.596564, Trojan.Generic.14795843 | 62.50%
ESET NOD32 | Win32/ZaxarGames (variant), Win32/ZaxarGames.D potentially unwanted (variant), Win32/Amonetize.ET potentially unwanted, MSIL/Agent.QMA (variant) | 62.50%
Reason Heuristics | PUP.Installer.ZAXAR.Q, PUP.ZAXAR.Installer (M), PUP.CONCEPTIONSELECTIONDISTRIBUTIONINTERNATIONALE.Installer (M) | 62.50%
Fortinet FortiGate | Riskware/ZaxarGames, Adware/Amonetize, MSIL/Agent.QMA!tr | 50.00%
Trend Micro House Call | Suspici.651C691B, Suspicious_GEN.F47V0118, Suspicious_GEN.F47V0519, TROJ_GEN.R08NH09ED15 | 50.00%
AVG | Generic, BundleApp, MSIL8 | 50.00%
MicroWorld eScan | Gen:Variant.Strictor.65831, Trojan.GenericKD.2400895, Trojan.Generic.14795843 | 37.50%
VIPRE Antivirus | Trojan.Win32.Generic | 37.50%
Bitdefender | Gen:Variant.Strictor.65831, Trojan.GenericKD.2400895, Trojan.Generic.14795843 | 37.50%
Lavasoft Ad-Aware | Gen:Variant.Strictor.65831, Trojan.GenericKD.2400895, Trojan.Generic.14795843 | 37.50%
F-Secure | Gen:Variant.Strictor.65831, Trojan.GenericKD.2400895, Trojan.Generic.14795843 | 37.50%
Avira AntiVirus | TR/Strictor.177152, ADWARE/Amonetize.461312, TR/Special.16896.4 | 37.50%
Malwarebytes | PUP.Optional.Zaxar.A, PUP.Optional.Amonentize.A | 37.50%
Dr.Web | Adware.Zaxar.7, Trojan.Amonetize.3133, Trojan.Amonetize.3085 | 37.50%

The domain dl.coin32.com has been seen to resolve to the following IP address.

static.185.85.251.148.clients.your-server.de
February 27, 2016

File downloads found at URLs served by dl.coin32.com.

21 / 68    (PUP)

7 / 68      (Adware)

25 / 68    (Malware)

13 / 68    (Adware)

1 / 68      (PUP)

1 / 68      (Adware)

4 / 68      (PUP)
http://dl.coin32.com/upload/7J/gt/.../Bundle_CPUminer.exe  (564p5fvywujxmllpf5v604bs564p5fvywujxmllpf5v604bs_cp.exe)

9 / 68      (Adware)

URL:
http://dl.coin32.com/

SSL certificate subject:
E=webmaster@coin32.com, CN=*.coin32.com, O="Digital Pine, LLC - ООО ”Диджитал Пайн”", L=Moscow, S=Moscow City, C=RU

SSL certificate issuer:
CN=StartCom Class 2 Primary Intermediate Server CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Web server:
nginx