down.kan83.com

perpendyu chan

Domain Information

The domain down.kan83.com, registered by perpendyu chan, was initially registered in August of 2012 through GODADDY.COM, LLC. This domain is currently known to host various forms of malware. The hosting servers are located in Nanjing, Jiangsu, China, on the Asia Pacific Network Information Centre network.

Registrar:
GODADDY.COM, LLC

Server location:
Jiangsu, China (CN)

Create date:
Saturday, August 11, 2012

Expires date:
Tuesday, August 11, 2015

Updated date:
Tuesday, April 8, 2014

ASN:
AS23650 CHINANET-JS-AS-AP AS Number for CHINANET jiangsu province backbone,CN

Root domain:

Scanner detections:
Malware distribution  (100% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| McAfee | Artemis!51100B599664, Artemis!41F9F042BFE2, Artemis!F1AF152978DE | 100.00% |
| Malwarebytes | Trojan.Downloader.Small, Trojan.Qhost | 100.00% |
| Norman | Malware | 66.67% |
| Trend Micro House Call | TROJ_GEN.F47V0119, TROJ_GEN.F47V1227 | 66.67% |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h | 66.67% |
| Bkav FE | W32.Clodf20.Trojan | 33.33% |
| Quick Heal | (Suspicious) - DNAScan | 33.33% |
| Comodo Security | Virus.Win32.Virut.CE | 33.33% |
| AhnLab V3 Security | PUP/Win32.StartPage | 33.33% |
| Rising Antivirus | PE:Malware.XPACK/RDM!5.1 | 33.33% |
| XVirus List | Win32.Detected | 33.33% |

The domain down.kan83.com has been seen to resolve to the following IP address.

April 6, 2014

File downloads found at URLs served by down.kan83.com.

7 / 68      (PUP)

6 / 68      (Malware)
http://down.kan83.com/wuji/.../setup_4183.exe  (f1af152978dea30e2986078a617662d8)

5 / 68      (Malware)

7 / 68      (PUP)
http://down.kan83.com/wuji/.../setup_2928.exe  (41f9f042bfe2f7c43ec2a26a614e9364)

URL:
http://down.kan83.com/

Title:
“sta!”

Web server:
nginx/1.5.10