down.xiazai2.net

yao yao

Domain Information

The domain down.xiazai2.net, registered by yao yao, was first registered in January 2015 through SHANGHAI MEICHENG TECHNOLOGY INFORMATION DEVELOPMENT CO., LTD. This domain has been observed hosting and distributing adware and other potentially unwanted software. Its hosting servers are located in Hangzhou, Zhejiang, China, on address space allocated by the Asia Pacific Network Information Centre (APNIC).
Registrar:
SHANGHAI MEICHENG TECHNOLOGY INFORMATION DEVELOPMENT CO., LTD.

Server location:
Zhejiang, China (CN)

Create date:
Monday, January 19, 2015

Expires date:
Thursday, January 19, 2017

Updated date:
Saturday, February 28, 2015

Root domain:

Google Safe Browsing:
malware,unwanted

Scanner detections (82% detected):

Scan engine: Details (Detections)

avast!: Win32:Malware-gen, Win32:Adware-gen [Adw], Win32:Parite, Win32:Apanas [Trj] (80.00%)

VIPRE Antivirus: Trojan.Win32.Generic, Adware.NSIS.Agent, Threat.46249 (70.00%)

AVG: Generic, Win32/Parite (70.00%)

Bkav FE: W32.HfsAdware (60.00%)

Dr.Web: Trojan.Siggen6.36073, Trojan.Winlock.12717, Trojan.Winlock.12776 (60.00%)

Sophos: Mal/Agent-ARF, Xiazai Bundler (PUA), Generic PUA JC (PUA), Xiazai (PUA) (60.00%)

AhnLab V3 Security: PUP/Win32.Helper, PUP/Win32.Generic, PUP/Win32.Downloader (60.00%)

Vba32 AntiVirus: suspected of Trojan.Downloader.gen.h (60.00%)

Panda Antivirus: Trj/Genetic.gen, Trj/CI.A (60.00%)

Microsoft Security Essentials: SoftwareBundler:Win32/Xiazai, Threat.Undefined (60.00%)

McAfee: Artemis!F776759FFD57, Artemis!A29B27C3B742, Artemis!0A9E7E5BC35F, Artemis!EB935ECEE39D, Artemis!C36159D42166 (50.00%)

Malwarebytes: PUP.Optional.Softcnapp, PUP.Optional.ChinAd (50.00%)

K7 AntiVirus: Unwanted-Program, Riskware (50.00%)

NANO AntiVirus: Trojan.Win32.Winlock.dqvnat (40.00%)

Clam AntiVirus: Win.Trojan.Generickd-1403 (40.00%)

The domain down.xiazai2.net has been seen to resolve to the following 8 IP addresses.

August 30, 2016

August 30, 2016

July 22, 2016

May 20, 2016

October 13, 2015

October 13, 2015

October 13, 2015

October 13, 2015

File downloads found at URLs served by down.xiazai2.net.

0 / 68
http://down.xiazai2.net/?/85415/newasp/.../64?).exe  (word2007官方下载免费完整版免费版@2197_61965.exe)

18 / 68    (PUP)
http://down.xiazai2.net/?/61730/.../Microsoft Office2003 ??ü?????????.exe  (vagaanq╗nnnnnnv2.6.7.6nnnnn²n@37_10197.exe.malware)

0 / 68
http://down.xiazai2.net/?/125708/.../???¼??????.exe  (word2007官方下载免费完整版免费版@2197_61965.exe)

6 / 68      (Malware)
http://down.xiazai2.net/?/3207/.../BlueStacks 0.9.37.4307 ???.exe  (bluestacks0.9.37.4307中文版@74_3207.exe)

14 / 68    (PUP)
http://down.xiazai2.net/?/1-95875/.../Rabi-Ribi.exe  (萤石云视频电脑版3.0.0.1201官方pc版@28_142890.exe)

6 / 68      (Malware)
http://down.xiazai2.net/?/10231/.../???j?¼?????????????????????????????webcrk v3.6 ?????.exe  (随心登录破解网站密码(不能拿它作违法的事情)webc@2287_10231.exe)

25 / 68    (PUP)

14 / 68    (PUP)
http://down.xiazai2.net/?/78491/.../3ds??? 2.9.4 ???(3DS Emulator).exe  (vrayforsketchup2015中文破解版32@28_150048.exe)

14 / 68    (PUP)
http://down.xiazai2.net/?/36052/.../?l?????(Universal Viewer Pro)V6.5.6.2 ??????.exe  (vrayforsketchup2015中文破解版32@28_150048.exe)

18 / 68    (PUP)
http://down.xiazai2.net/cx/.../realcodec2.0()@28_88129.exe  (vagaanq╗nnnnnnv2.6.7.6nnnnn²n@37_10197.exe.malware)

14 / 68    (PUP)
http://down.xiazai2.net/?/10768/.../??????????????V2.2.8 ????????.exe  (萤石云视频电脑版3.0.0.1201官方pc版@28_142890.exe)

18 / 68    (PUP)

18 / 68    (PUP)
http://down.xiazai2.net/?/13715/.../EasyRecovery6.22????.exe  (vagaanq╗nnnnnnv2.6.7.6nnnnn²n@37_10197.exe.malware)

27 / 68    (PUP)
http://down.xiazai2.net/?/4767/.../Readiris Corporate 15.1 (OCR??????) ???????????? .exe  (readiriscorporate15.1(ocr识别软件)简体中文破解版@82_4767.exe)

1 / 68      (inconclusive)

17 / 68    (PUP)
http://down.xiazai2.net/?/43113/.../????????????.exe  (苹果手机助手@60_114978.exe)

The following 3 files have been seen to communicate with down.xiazai2.net in live environments.

URL:
http://down.xiazai2.net/

Web server:
Microsoft-IIS/7.5 (PHP/5.3.28,ASP.NET)