home

ezanole04.myweb.hinet.net

Internet Dept., DCBG, Chunghwa Telecom Co., Ltd.

Domain Information

The domain ezanole04.myweb.hinet.net registered by Internet Dept., DCBG, Chunghwa Telecom Co., Ltd. was initially registered in March of 1994 through Network Solutions, LLC. Currently this domain has been known to host various forms of malware. The hosted servers are located in Taipei, T'Ai-Wan within Taiwan which resides on the Asia Pacific Network Information Centre network.
Registrar:
Network Solutions, LLC

Server location:
T'Ai-Wan, Taiwan (TW)

Create date:
Saturday, March 19, 1994

Expires date:
Monday, March 20, 2017

Updated date:
Tuesday, February 2, 2016

ASN:
AS3462 HINET Data Communication Business Group

Root domain:
hinet.net

Whois:
1 hinet.net record

Google Safe Browsing:
unwanted

Scanner detections:
Malware distribution  (100% detected)

Scan engine
Details
Detections

Quick Heal
(Suspicious) - DNAScan
100.00%

McAfee
Trojan-FEXB!DD729F6A8F06, Artemis!03B6C6C0CDEB
100.00%

Malwarebytes
Trojan.Agent
100.00%

Comodo Security
TrojWare.Win32.Agent.COC
100.00%

Avira AntiVirus
TR/Dropper.Gen
100.00%

ESET NOD32
Win32/Packed.Themida (variant)
100.00%

Qihoo 360 Security
Malware.QVM39.Gen
50.00%

nProtect
Trojan.Generic.12051092
50.00%

K7 AntiVirus
Trojan
50.00%

Norman
Suspicious_Gen4.HENRY
50.00%

Trend Micro House Call
TROJ_GE.0A4AF4B4
50.00%

avast!
Win32:Malware-gen
50.00%

Bitdefender
Trojan.Generic.12051092
50.00%

Rising Antivirus
PE:Trojan.Win32.Generic.17926D9C!395472284
50.00%

Lavasoft Ad-Aware
Trojan.Generic.12051092
50.00%

The domain ezanole04.myweb.hinet.net has been seen to resolve to the following IP address.

61.219.39.130
61-219-39-130.HINET-IP.hinet.net
August 21, 2016

File downloads found at URLs served by ezanole04.myweb.hinet.net.

24 / 68    (Malware)
http://ezanole04.myweb.hinet.net/ezShapeUpdate689.exe  (75923d715f818860c2507de706a31b82)

7 / 68      (Malware)
http://ezanole04.myweb.hinet.net/ezShapeUpdate690.exe  (4e74c8ce2121d424051c3bd5a30cc42a)

The following file have been seen to comunicate with ezanole04.myweb.hinet.net in live environments.

TCP » 61.219.39.130:80
bd.0.7.5.crx

URL:
http://ezanole04.myweb.hinet.net/

SSL certificate subject:
CN=*.myweb.hinet.net, O=中華電信股份有限公司, C=TW

SSL certificate issuer:
OU=Public Certification Authority - G2, O="Chunghwa Telecom Co., Ltd.", C=TW

Web server:
Apache

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.