home

esd.nzs.com.br

Financeiro GrupoNZN

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Cambridge, Massachusetts within the United States which resides on the Akamai Technologies, Inc. network.
Server location:
Massachusetts, United States (US)

ASN:
AS20940 AKAMAI-ASN1 Akamai International B.V.,US

Root domain:
nzs.com.br

Whois:
2 nzs.com.br records

Scanner detections:
Detections  (94% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Binstall.W, PUP.Binstall.a, PUP.installCore.Binstall (M), PUP.Softonic.Bundler (M), PUP.installCore (M), PUP.InstallCore.EST (M), PUP.aTubeCatcher (L), PUP.installCore.ISBRInst (M)
93.75%

Dr.Web
Trojan.Packed.25266, Trojan.InstallCore.1903
10.42%

VIPRE Antivirus
InstallCore.b, Trojan.Win32.Generic, Threat.4837543
10.42%

ESET NOD32
Win32/InstallCore.ND (variant), Win32/InstallCore.NZ (variant)
8.33%

Fortinet FortiGate
Riskware/InstallCore
8.33%

McAfee
Artemis!C2C80176C556, Artemis!50A9FAFDA8FF, Artemis!6D3E7AFEAE6D
6.25%

herdProtect (fuzzy)
a variant of 8772c715400a09c7f558eedd934d136fcbb49eb7
4.17%

Malwarebytes
PUP.Optional.InstallCore.A, PUP.Optional.Installcore
4.17%

Trend Micro House Call
TROJ_GEN.F47V0418, TROJ_GEN.F47V0521
4.17%

Sophos
Install Core Click run software
4.17%

Comodo Security
Application.Win32.InstallCore.~ND, Application.Win32.Installcore.IO
4.17%

Vba32 AntiVirus
Downware.InstallCore
4.17%

Agnitum Outpost
PUA.InstallCore
2.08%

K7 AntiVirus
Unwanted-Program
2.08%

Avira AntiVirus
Adware/InstallCore.NZ
2.08%

The domain esd.nzs.com.br has been seen to resolve to the following 38 IP addresses.

23.62.7.35
a23-62-7-35.deploy.static.akamaitechnologies.com
August 13, 2015

23.67.250.120
a23-67-250-120.deploy.static.akamaitechnologies.com
May 4, 2015

23.67.250.88
a23-67-250-88.deploy.static.akamaitechnologies.com
May 4, 2015

72.247.9.160
a72-247-9-160.deploy.akamaitechnologies.com
May 4, 2015

72.247.9.114
a72-247-9-114.deploy.akamaitechnologies.com
May 4, 2015

23.67.243.42
May 4, 2015

23.67.243.25
a23-67-243-25.deploy.static.akamaitechnologies.com
May 4, 2015

23.62.7.65
a23-62-7-65.deploy.static.akamaitechnologies.com
December 2, 2014

23.62.7.19
a23-62-7-19.deploy.static.akamaitechnologies.com
December 2, 2014

23.15.7.138
a23-15-7-138.deploy.static.akamaitechnologies.com
November 2, 2014

23.61.250.17
a23-61-250-17.deploy.static.akamaitechnologies.com
November 1, 2014

23.61.250.18
a23-61-250-18.deploy.static.akamaitechnologies.com
November 1, 2014

23.15.9.153
a23-15-9-153.deploy.static.akamaitechnologies.com
October 9, 2014

23.15.9.161
a23-15-9-161.deploy.static.akamaitechnologies.com
October 9, 2014

184.25.157.83
a184-25-157-83.deploy.static.akamaitechnologies.com
September 22, 2014

184.25.157.91
a184-25-157-91.deploy.static.akamaitechnologies.com
September 22, 2014

23.15.7.163
a23-15-7-163.deploy.static.akamaitechnologies.com
September 18, 2014

168.143.242.234
September 18, 2014

168.143.242.224
September 18, 2014

23.0.160.72
a23-0-160-72.deploy.static.akamaitechnologies.com
September 3, 2014

23.0.160.17
a23-0-160-17.deploy.static.akamaitechnologies.com
September 3, 2014

23.0.160.58
a23-0-160-58.deploy.static.akamaitechnologies.com
September 3, 2014

184.51.126.59
a184-51-126-59.deploy.static.akamaitechnologies.com
August 22, 2014

184.51.126.51
a184-51-126-51.deploy.static.akamaitechnologies.com
August 22, 2014

23.15.7.152
a23-15-7-152.deploy.static.akamaitechnologies.com
August 17, 2014

23.15.7.147
a23-15-7-147.deploy.static.akamaitechnologies.com
August 17, 2014

23.0.160.83
a23-0-160-83.deploy.static.akamaitechnologies.com
August 16, 2014

23.0.160.42
a23-0-160-42.deploy.static.akamaitechnologies.com
August 16, 2014

23.0.160.25
a23-0-160-25.deploy.static.akamaitechnologies.com
August 16, 2014

63.88.100.192
May 29, 2014

 
Showing 30 of 38 IP Addresses

File downloads found at URLs served by esd.nzs.com.br.

1 / 68      (Adware)
http://esd.nzs.com.br/programas/45101/.../diamond-spider-solitaire-10-32-bits.exe  (1266402f4e5ad57bcf29171bd7a7abc2)

1 / 68      (Adware)
http://esd.nzs.com.br/programas/37145/.../software-avaliacao-fisica-physical-test-80-32-bits.exe  (81adffaab86bf393e3d875fa3724e73e)

1 / 68      (Adware)
http://esd.nzs.com.br/programas/59899/.../logo-maker-24-32-bits.exe  (461036c295d81ef04d3bc90b2e36685c)

1 / 68      (Adware)
http://esd.nzs.com.br/programas/90416/.../sync-ios-401-32-bits.exe  (c362c9ebc719c733b4560c240054fa6f)

1 / 68      (Adware)
http://esd.nzs.com.br/programas/36174/.../pdf-image-extraction-wizard-62-32-bits.exe  (c2e4cacaeeaba3b5cf4b15cec0a42d94)

1 / 68      (Adware)
http://esd.nzs.com.br/programas/57557/.../punkbuster-service-v0987-32-bits.exe  (11d56154c298d9ef56914677d87515e1)

0 / 68
http://esd.nzs.com.br/programas/48923/.../atube-catcher-387971-32-bits.exe  (2d2f5936505ec27813e717beb8f267dc)

1 / 68      (Adware)
http://esd.nzs.com.br/programas/105437/.../odallus-the-dark-call-demo-32-bits.exe  (6f1d022ff50ad4a7a3e9d7f6e1eebe1e)

1 / 68      (Adware)
http://esd.nzs.com.br/programas/105607/.../rogue-legacy-demo-103-32-bits.exe  (a62086fc1176035a6a66f1741d72de9a)

1 / 68      (Adware)
http://esd.nzs.com.br/programas/106549/.../7-data-android-recover-10-beta-32-bits.exe  (4c8578e398a6b9f2b641e55c751cf177)

1 / 68      (Adware)
http://esd.nzs.com.br/programas/45748/.../virtual-clonedrive-5470-32-bits.exe  (237a0ea1da6b64036b8544b8c8c0c225)

1 / 68      (Adware)
http://esd.nzs.com.br/programas/81829/.../corel-aftershot-pro-1207-32-bits.exe  ({blocked}.exe)

1 / 68      (PUP)
http://esd.nzs.com.br/programas/.../912-aTubeCatcher.exe  (8663aafec3cbbf367c68d7cfc9662896)

1 / 68      (Adware)
http://esd.nzs.com.br/programas/73475/.../ashampoo-burning-studio-elements-1009-32-bits.exe  (71de1d0eb4f95a36b8d99589949a662d)

1 / 68      (Adware)
http://esd.nzs.com.br/programas/58038/.../quadro-racing-10-32-bits.exe  (bb819ab68e4c55dee4cf8a646f560e27)

1 / 68      (Adware)
http://esd.nzs.com.br/programas/75863/.../badoo-desktop-1655-32-bits.exe  (c2d6de0e69ef3792498960f784d95dc5)

1 / 68      (Adware)
http://esd.nzs.com.br/programas/46260/.../autogk-auto-gordian-knot--255-32-bits.exe  (e5d5c7778e67a9f1155cb5e66af7154e)

1 / 68      (Adware)
http://esd.nzs.com.br/programas/42789/.../codec-84f-32-bits.exe  (bf919e7356f83e272d946ecccdaa76a7)

1 / 68      (Adware)
http://esd.nzs.com.br/programas/59516/.../super-volei-brasil-2-32-bits.exe  (96cfb9cc79ca91811bae6eebcbbf8817)

1 / 68      (Adware)
http://esd.nzs.com.br/programas/66656/.../4shared-desktop-4031-32-bits.exe  (31da637a56e97c502a13f78218f73d5e)

1 / 68      (Adware)
http://esd.nzs.com.br/programas/105206/.../keyboard-layout-manager-lite-v29256-32-bits.exe  (cbcbc98bd603724897c0974eb1213831)

1 / 68      (Adware)
http://esd.nzs.com.br/programas/68600/.../useesoft-free-youtube-downloader-1043-32-bits.exe  (c3563f6ff34b0274ebf25e71402226a0)

1 / 68      (Adware)
http://esd.nzs.com.br/programas/112465/.../tubequeue-166-32-bits.exe  (4c97d5dcdee00864614ebe103cdd91db)

1 / 68      (Adware)
http://esd.nzs.com.br/programas/58466/.../magix-slideshow-maker-20-32-bits.exe  (9a15e5c09f1f675331c631424fd37285)

1 / 68      (Adware)
http://esd.nzs.com.br/programas/65448/.../geosense-for-windows-12-32-bits.exe  (9771e685d051da6bc91755e8fb70d499)

1 / 68      (Adware)
http://esd.nzs.com.br/programas/59899/.../logo-maker-24-32-bits.exe  (b70065f750c7a7fac81a66e2589792aa)

1 / 68      (Adware)
http://esd.nzs.com.br/programas/2443/.../bearshare-1200134249-32-bits.exe  (0acc2fc9d1553da724c8c827857fc971)

12 / 68    (Adware)
http://esd.nzs.com.br/programas/74350/.../pdf-to-jpg-350-32-bits.exe  (67d624eb372c8aacaaf6f5384c5459b0)

6 / 68      (Adware)
http://esd.nzs.com.br/programas/33061/.../ccleaner-4124657-32-bits.exe  (c2c80176c556164675b0b26ba86a2e32)

5 / 68      (Adware)
http://esd.nzs.com.br/programas/20518/.../mozilla-firefox-280-32-bits.exe  (icreinstall_mozilla-firefox-280-32-bits.exe)

 
Latest 30 of 769 download URLs

The following 707 files have been seen to comunicate with esd.nzs.com.br in live environments.

TCP » 23.15.7.152:80
browser.exe (speed browser by Smart Applications)

TCP » 23.15.7.147:80
browser.exe (speed browser by Smart Applications)

TCP » 23.15.7.152:80
updateadmin.exe

TCP » 184.51.126.59:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 23.67.250.120:80
dailywiki.exe

TCP » 184.51.126.59:80
browser.exe (Speed Browser by Smart Applications)

TCP » 184.51.126.51:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 23.15.7.152:443
browser.exe (Browser)

TCP » 23.67.250.88:80
comcastantispyservice.exe

TCP » 184.51.126.51:80
internetport3.exe (internetport3)

TCP » 184.51.126.51:80
ankgikcaabhnbjopedljgmgmdbkbdimn.crx

TCP » 184.51.126.51:80
imnmlgndokmgocfabbcnfnjfopjkbinb.crx

TCP » 184.51.126.59:80
mgecpdghpgpnpbaipkgdmjmoihnhicjg.crx

TCP » 184.51.126.59:80
onheklgeghhphlhgpbfpgmlpjinjoida.crx

TCP » 23.0.160.17:80
iamjpabkjdeomjcadgemaoildalbpoej.crx

TCP » 23.0.160.17:80
lmihdpllccgkjbljiacepmhkekempnip.crx

TCP » 23.0.160.17:80
okmbhmfbghnekneejbbmeofpjoemplee.crx

TCP » 23.0.160.17:80
afmjbhgpegkmhbockiombccdeehcoknj.crx

TCP » 23.0.160.17:80
kgfiahkfcopaddnpncbgopejfkeaopmi.crx

TCP » 23.0.160.17:80
afmjbhgpegkmhbockiombccdeehcoknj.crx

 
Latest 20 of 730 files

URL:
http://esd.nzs.com.br/

Web server:
Apache

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.