The domain dl.hzdmr.com, registered by jianlong song, was initially registered in December of 2015 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Cambridge, Massachusetts, United States, on the Akamai Technologies, Inc. network.
Registrar: EUTURBO.COM LLC
Server location: Massachusetts, United States (US)
Create date: Tuesday, December 22, 2015
Expires date: Thursday, December 22, 2016
Updated date: Tuesday, December 22, 2015
ASN: AS20940 AKAMAI-ASN1 Akamai International B.V.
Scanner detections:
Detections (100% detected)

| Scan engine | Details | Detections |
|---|---|---|
| Reason Heuristics | (M), PUP.Installer.FIRSERIASL.J, PUP.Installer.AppsInstallerSL.V, PUP.Installer.AppsInstallerSL.M, PUP.Installer.AppsInstallerSL.I, PUP.Installer.AppsInstallerSL.L, PUP.Installer.AppsInstallerSL.N, PUP.Solimba.AppsInstaller.Installer (M), Win32.Generic, PUP.Solimba.AppsInst.Bundler (M), PUP.Solimba.FIRSERIA.Bundler (M), PUP.Solimba.PortalPr.Bundler (M), PUP.Solimba (M) | 100.00% |
| Avira AntiVirus | W32/Mabezat, TR/Dropper.Gen, APPL/Solimba.Gen, APPL/Firseria.Gen8, PUA/Solimba.Gen | 27.27% |
| Malwarebytes | PUP.Optional.Solimba.mr, PUP.Optional.Firseria | 27.27% |
| VIPRE Antivirus | DownloadMR, Threat.4782980, Threat.4150696 | 27.27% |
| avast! | MSIL:Crypt-KA [PUP], Solimba-C [PUP], Win32:Solimba-C [PUP] | 21.21% |
| K7 AntiVirus | Trojan, Unwanted-Program | 21.21% |
| Sophos | Solimba Installer, DownloadMR | 18.18% |
| Vba32 AntiVirus | Downware.Morstar, TScope.Trojan.MSIL, Signed-Downware.Morstar.AppsInstallerSL | 18.18% |
| AVG | Generic_r, Skodna.Generic, Adware Skodna.Generic.AMG, Bechiro SL, AdInstaller.V | 18.18% |
| Dr.Web | Adware.Downware.1125, Trojan.DownLoader11.24441 | 18.18% |
| Comodo Security | Application.Win32.Solimba.GW, Application.Win32.Solimba.LSW | 18.18% |
| Fortinet FortiGate | Adware/Solimba, Riskware/Morstar | 18.18% |
| ESET NOD32 | MSIL/Solimba.AB, Win32/FirseriaInstaller (variant), MSIL/Solimba potentially unwanted | 15.15% |
| Kaspersky | not-a-virus:Downloader.NSIS.Agent, not-a-virus:AdWare.Win32.Fiseria, not-a-virus:Downloader.Win32.Morstar | 15.15% |
| NANO AntiVirus | Trojan.Win32.Generic.cskuge, Trojan.Win32.DownLoad3.daevxj, Trojan.Win32.Morstar.dfgpsr, Riskware.Win32.Downloader.cskuky | 15.15% |

The domain dl.hzdmr.com has been seen to resolve to the following 15 IP addresses.
File downloads found at URLs served by dl.hzdmr.com.
The following 332 files have been seen to communicate with dl.hzdmr.com in live environments.
Web server: nginx (PHP/5.3.29)