The domain down.ruanmei.com, registered by Zhangkai, was first registered in May 2006 through 35 TECHNOLOGY CO., LTD. The domain has been known to host and distribute adware as well as other potentially unwanted software. Its hosting servers are located in Hangzhou, Zhejiang, China, on a network registered with the Asia Pacific Network Information Centre.
Registrar: 35 TECHNOLOGY CO., LTD
Server location: Zhejiang, China (CN)
Create date: Thursday, May 4, 2006
Expires date: Thursday, May 4, 2017
Updated date: Tuesday, March 25, 2014
ASN: AS4134 CHINANET-BACKBONE No.31,Jin-rong Street,CN
Scanner detections: 91% detected

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.Installer.QingdaoRuanmeiNetworkTechnologyCoLtd.R, PUP.Installer.QingdaoRuanmeiNetworkTechnologyCoLtd.S, PUP.Installer.QingdaoRuanmeiNetworkTechnologyCoLtd.X, PUP.Installer.QingdaoRuanmeiNetworkTechnologyCoLtd.Q, PUP.QingdaoRuanmeiNetworkTechnology.Installer (M), PUP.QingdaoRuanmeiNetworkTechnology (M), PUP.QingdaoR.Installer (M), PUP (M) | 95.45% |
| Rising Antivirus | PE:Trojan.Win32.Generic.1293B169!311669097, PE:Worm.Autorun!1.9EE3, PE:Malware.XPACK/RDM!5.1 | 40.91% |
| Dr.Web | Trojan.Moky.19, Trojan.Carberp.1395, Trojan.Siggen4.45560, DLOADER.Trojan | 31.82% |
| McAfee | Artemis!83CE39AD3562, Artemis!A65FFC4B0913, Artemis!753032EC4D62, Artemis!0A237B244A59, Artemis!6C6B2676C944, Artemis!0E24B43D932B, Artemis!71D3CB1A708C | 31.82% |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h, BScope.Trojan.Agent | 22.73% |
| Trend Micro House Call | TROJ_GEN.F47V0527, Suspicious_GEN.F47V0330, Suspicious_GEN.F47V0419 | 13.64% |
| IKARUS anti.virus | Trojan.SuspectCRC, Trojan.Win32.Agent, Virus.Win32.Sality | 13.64% |
| G Data | Win32.Trojan.Agent.6YOJG1 | 9.09% |
| Bkav FE | W32.HfsAdware, HW32.Packed | 9.09% |
| NANO AntiVirus | Trojan.Win32.Stanit.cuckfy | 4.55% |
| Sophos | Address Tool Bar | 4.55% |
| Zillya! Antivirus | Downloader.Agent.Win32.281665 | 4.55% |
| ESET NOD32 | Win32/MyDesk.A potentially unwanted | 4.55% |
| Fortinet FortiGate | Riskware/MyDesk | 4.55% |
| Qihoo 360 Security | Malware.QVM11.Gen | 4.55% |

The domain down.ruanmei.com has been seen to resolve to the following 7 IP addresses.
File downloads found at URLs served by down.ruanmei.com.
URL: http://down.ruanmei.com/
Web server: Microsoft-IIS/8.5 (ASP.NET)
Related Domains