download.wuji.com

Xiamen Privacy Protection Service Co. Ltd.

Domain Information

The domain download.wuji.com, registered by Xiamen Privacy Protection Service Co. Ltd., was first registered in August 1998 through ENAME TECHNOLOGY CO., LTD. The domain is known to host various forms of malware. Its servers are located in Beijing, China, on the Asia Pacific Network Information Centre network.

Registrar:
ENAME TECHNOLOGY CO., LTD.

Server location:
Beijing, China (CN)

Create date:
Monday, August 24, 1998

Expires date:
Thursday, August 23, 2018

Updated date:
Friday, August 14, 2015

ASN:
AS4808 CHINATELECOM-HE-AS-AP asn for Hebei Provincial Net of CT,CN

Root domain:

Google Safe Browsing:
unwanted

Scanner detections:
Malware distribution (85% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Malwarebytes | Trojan.Downloader.Small, Trojan.Agent, Adware.Chad, PUP.Optional.Downloaderch, PUP.Optional.ChinAd.A | 57.69% |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h | 57.69% |
| McAfee | Artemis!87A55CA5C9A1, Artemis!51100B599664, Artemis!899773532AC5, Artemis!409EDD09FB5B, Artemis!F477A93DCAD1, Artemis!1B6BCD8A3C88, Artemis!9382D292C347, Artemis!87DB0D5F5312, Artemis!F797FF6DD2C8, Artemis!8F8388FF0F95, PUP-FNT | 53.85% |
| Trend Micro House Call | ADW_SETAPP, TROJ_GEN.F47V0119, TROJ_GEN.F47V0425, TROJ_GEN.F47V0317, TROJ_GEN.F47V0120, TROJ_GEN.F47V0528, Suspicious_GEN.F47V0704 | 50.00% |
| IKARUS anti.virus | Trojan.SuspectCRC, Win32.SuspectCrc, Graftor, PUA.WuJi | 38.46% |
| Reason Heuristics | Unnamed.Threat.14, Threat.Win.Reputation.IMP | 34.62% |
| G Data | Trojan.Generic.9612330, Gen:Variant.Graftor.140471, Gen:Variant.Graftor.141172, Win32.Application.WuJi | 30.77% |
| MicroWorld eScan | Trojan.Generic.9612330, Gen:Variant.Graftor.140471, Gen:Variant.Graftor.141172 | 26.92% |
| Bitdefender | Trojan.Generic.9612330, Gen:Variant.Graftor.140471, Gen:Variant.Graftor.141172 | 26.92% |
| Emsisoft Anti-Malware | Trojan.Generic.9612330, Gen:Variant.Graftor.140471, Gen:Variant.Graftor.141172 | 26.92% |
| Lavasoft Ad-Aware | Trojan.Generic.9612330, Gen:Variant.Graftor.140471, Gen:Variant.Graftor.141172 | 26.92% |
| Norman | Malware | 26.92% |
| F-Prot | W32/Zbot.PM.gen, W32/Downloader-Web-based!Maximu (not disinfectable) | 26.92% |
| F-Secure | Trojan.Generic.9612330, Gen:Variant.Graftor.140471, Gen:Variant.Graftor.141172 | 23.08% |
| Dr.Web | Trojan.PWS.Banker1.9119, infected with Trojan.DownLoader11.4341, DLOADER.Trojan | 23.08% |

The domain download.wuji.com has been seen to resolve to the following 5 IP addresses.

May 31, 2014

May 29, 2014

May 21, 2014

March 14, 2014

February 7, 2014

File downloads found at URLs served by download.wuji.com.

1 / 68 (inconclusive)

9 / 68 (PUP)
http://download.wuji.com:6677/wuji/.../setup_4754.exe (4cbcfdf7cfeb1900dd57aafd186dfe59)

9 / 68 (Malware)

1 / 68 (Malware)
http://download.wuji.com/wuji/.../Qvod_4945.exe (655d7fdeaca9801f496af4e9c0bc56e2)

5 / 68 (Malware)

5 / 68 (Malware)

1 / 68 (Malware)

1 / 68 (Malware)

4 / 68 (inconclusive)

4 / 68 (Malware)

13 / 68 (Malware)

13 / 68 (Malware)

13 / 68 (Malware)

14 / 68 (PUP)
http://download.wuji.com:6677/wuji/.../setup_622.exe (420004ea9d80ee371002b127529dbcbd)

5 / 68 (Malware)

7 / 68 (PUP)

15 / 68 (Malware)

8 / 68 (Malware)

5 / 68 (Malware)

3 / 68 (Malware)
http://download.wuji.com/wuji/.../setup_open_3157.exe (0e1a7d4fbb16aae890e41b6af549f753)

13 / 68 (PUP)

Statistics are for the previous month.