home

download19.cdn.jzip.com

Domain Information

Server location:
Virginia, United States (US)

ASN:
AS22822 LLNW-AS Limelight Networks, INC. proxy AS object

Root domain:
jzip.com

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Bandoo.BandooMe.Installer (M), Win32.Generic
100.00%

The domain download19.cdn.jzip.com has been seen to resolve to the following 2 IP addresses.

208.111.161.254
cdn-208-111-161-254.iad.llnw.net
July 3, 2016

208.111.160.6
cdn-208-111-160-6.iad.llnw.net
July 3, 2016

File downloads found at URLs served by download19.cdn.jzip.com.

1 / 68      (PUP)
http://download19.cdn.jzip.com/cdn/r/.../jZipSetup-r378-n-bc.exe  (e161289028edb68a4727e262052cf2d9)

1 / 68      (PUP)
http://download19.cdn.jzip.com/cdn/r/.../jZipSetup-r2-n-bc.exe  (7296c42c33233706eebef083a6dec605)

The following 85 files have been seen to comunicate with download19.cdn.jzip.com in live environments.

TCP » 208.111.161.254:80
AppVerifierapc.exe (AppApcVerifier)

TCP » 208.111.160.6:80
AppVerifierapc.exe (AppApcVerifier)

TCP » 208.111.161.254:80
crossbrowse.exe (Crossbrowse)

TCP » 208.111.160.6:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 208.111.161.254:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 208.111.161.254:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 208.111.160.6:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 208.111.160.6:80
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 208.111.160.6:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 208.111.161.254:80
Patcher.exe (Audition Patcher by Axeso5.com)

TCP » 208.111.161.254:80
sysmon.exe (SysMon)

TCP » 208.111.160.6:80
SimpleMalwareProtector.exe (Simple Malware Protector by SimpleStar)

TCP » 208.111.161.254:80
AdvancedSystemProtector.exe (ASP)

TCP » 208.111.160.6:80
AdvancedSystemProtector.exe (ASP)

TCP » 208.111.161.254:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 208.111.160.6:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 208.111.160.6:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 208.111.161.254:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 208.111.160.6:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 208.111.161.254:443
vosteran.exe

 
Latest 20 of 135 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.