down.ybcoin.com
WHOISGUARD, INC. (Proxy Registrant)
Domain Information
The domain down.ybcoin.com is registered by proxy through ENOM, INC. and was originally registered in June of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Beijing, China, on the Asia Pacific Network Information Centre network.
Registrant: WHOISGUARD, INC.
Server location: Beijing, China (CN)
Create date: Thursday, June 6, 2013
Expires date: Monday, June 6, 2016
Updated date: Friday, June 26, 2015
ASN: AS54994 QUANTIL - QUANTIL, INC,US
Scanner detections:
Detections (100% detected)
Scan engine | Details | Detections
McAfee | Artemis!D5E6119A1199, Artemis!D01E74D12EE0 | 100.00%
Malwarebytes | PUP.Optional.BitCoinMiner, RiskWare.BitCoinMiner | 100.00%
VIPRE Antivirus | Trojan.Win32.Generic | 100.00%
K7 AntiVirus | Trojan | 100.00%
ESET NOD32 | Win32/BitCoinMiner.W potentially unsafe (variant), Win64/BitCoinMiner.E potentially unsafe (variant) | 100.00%
avast! | Win32:BitCoinMiner-FA [PUP], Win32:Miner-B [PUP] | 100.00%
G Data | Win32.Riskware.BitCoinMiner, Win64.Riskware.BitCoinMiner | 100.00%
AVG | BitCoin, BitCoinMiner | 100.00%
Total Defense | Win32/Tnega.AWUZ | 50.00%
NANO AntiVirus | Riskware.Win32.BitCoinMiner.cqzthf | 50.00%
Trend Micro House Call | HKTL_BITMINE.SML | 50.00%
Kaspersky | not-a-virus:HEUR:RiskTool.Win32.BitCoinMiner | 50.00%
Trend Micro | HKTL_BITMINE.SML | 50.00%
Avira AntiVirus | TR/BitCoinMiner.11533051 | 50.00%
AhnLab V3 Security | ASD.Reputation | 50.00%
The domain down.ybcoin.com has been seen to resolve to the following 3 IP addresses.
203.130.53.14-BJ-CNC | January 28, 2016
203.130.53.18-BJ-CNC | January 28, 2016
203.130.53.15-BJ-CNC | January 28, 2016
File downloads found at URLs served by down.ybcoin.com.
The following 2 files have been seen to communicate with down.ybcoin.com in live environments.
URL: http://down.ybcoin.com/
Web server: scs.sohucs.com