» down.woka123.cn
Overview
Analysis
IPs Addresses (3)
Downloads (3)
Related Domains (3)

down.woka123.cn

Domain Information

Server location:

Guangdong, China (CN)

ASN:

AS58543 CHINATELECOM-GUANGDONG-IDC Guangdong, CN

Root domain:

woka123.cn

Scanner detections:

Detections (67% detected)

Scan engine

Details

Detections

ESET NOD32

Win32/Kuping.K potentially unwanted (variant)

33.33%

IKARUS anti.virus

PUA.Kuping

33.33%

Emsisoft Anti-Malware

Gen:Variant.Graftor.268197

33.33%

ESET NOD32

Win32/Kuping.K potentially unwanted application

33.33%

Norman

Gen:Variant.Graftor.268197

33.33%

Reason Heuristics

PUP.Kuping

33.33%

The domain down.woka123.cn has been seen to resolve to the following 3 IP addresses.

113.105.245.106

May 16, 2016

218.107.196.251

April 12, 2016

117.34.7.110

March 3, 2016

File downloads found at URLs served by down.woka123.cn.

1 / 68 (PUP)

http://down.woka123.cn/qudao/.../Artfulcspc502.exe (rz.exe)

3 / 68 (PUP)

http://down.woka123.cn/qudao/.../Artfulcspc502.exe (artfulcspc303.exe)

2 / 68

http://down.woka123.cn/qudao/.../mrgy_306_tp.exe (a0c9b5955a808450601e64f15ad58c17)

Related Domains

splayer.org

25pp.com

phoenixos.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.